Microsoft CVE Summary

This report contains detail for the following vulnerabilities:

CVE Issued by Tag CVE ID CVE Title
openssl-security@openssl.orgMariner CVE-2023-3446 Unknown
support@hackerone.comMariner CVE-2023-28320 Unknown
support@hackerone.comMariner CVE-2023-27538 Unknown
support@hackerone.comMariner CVE-2023-27537 Unknown
support@hackerone.comMariner CVE-2023-27535 Unknown
support@hackerone.comMariner CVE-2023-27536 Unknown
secalert@redhat.comMariner CVE-2023-2700 Unknown
security-advisories@github.comMariner CVE-2023-27478 Unknown
openssl-security@openssl.orgMariner CVE-2023-2650 Unknown
cve@mitre.orgMariner CVE-2023-26964 Unknown
security-advisories@github.comMariner CVE-2023-25801 Unknown
report@snyk.ioMariner CVE-2023-26159 Unknown
security-advisories@github.comMariner CVE-2023-25676 Unknown
security-advisories@github.comMariner CVE-2023-25675 Unknown
security-advisories@github.comMariner CVE-2023-25674 Unknown
security-advisories@github.comMariner CVE-2023-25671 Unknown
security-advisories@github.comMariner CVE-2023-25672 Unknown
security-advisories@github.comMariner CVE-2023-25668 Unknown
security-advisories@github.comMariner CVE-2023-25670 Unknown
security-advisories@github.comMariner CVE-2023-25669 Unknown
security-advisories@github.comMariner CVE-2023-25666 Unknown
security-advisories@github.comMariner CVE-2023-25665 Unknown
security-advisories@github.comMariner CVE-2023-25664 Unknown
security-advisories@github.comMariner CVE-2023-25663 Unknown
security-advisories@github.comMariner CVE-2023-25662 Unknown
security-advisories@github.comMariner CVE-2023-25658 Unknown
security-advisories@github.comMariner CVE-2023-25659 Unknown
cve@mitre.orgMariner CVE-2023-25012 Unknown
support@hackerone.comMariner CVE-2023-28319 Unknown
security-advisories@github.comMariner CVE-2023-25153 Unknown
security@hashicorp.comMariner CVE-2023-2816 Unknown
support@hackerone.comMariner CVE-2023-28322 Unknown
security-officer@isc.orgMariner CVE-2023-4408 Unknown
cve@mitre.orgMariner CVE-2023-41913 Unknown
cve@mitre.orgMariner CVE-2023-42282 Unknown
cve@mitre.orgMariner CVE-2023-41361 Unknown
secalert@redhat.comMariner CVE-2023-40661 Unknown
secalert@redhat.comMariner CVE-2023-40660 Unknown
security@golang.orgMariner CVE-2023-39325 Unknown
security@golang.orgMariner CVE-2023-3978 Unknown
support@hackerone.comMariner CVE-2023-38546 Unknown
cve@mitre.orgMariner CVE-2023-38710 Unknown
openssl-security@openssl.orgMariner CVE-2023-3817 Unknown
cve@mitre.orgMariner CVE-2023-38325 Unknown
security-advisories@github.comMariner CVE-2023-37460 Unknown
cve@mitre.orgMariner CVE-2023-36328 Unknown
secalert@redhat.comMariner CVE-2023-3750 Unknown
cve-coordination@google.comMariner CVE-2023-33953 Unknown
cve@mitre.orgMariner CVE-2023-34411 Unknown
cve-coordination@google.comMariner CVE-2023-32732 Unknown
cve-coordination@google.comMariner CVE-2023-32731 Unknown
security-officer@isc.orgMariner CVE-2023-3341 Unknown
security-advisories@github.comMariner CVE-2023-32067 Unknown
support@hackerone.comMariner CVE-2023-32001 Unknown
security-advisories@github.comMariner CVE-2023-31130 Unknown
security-advisories@github.comMariner CVE-2023-31147 Unknown
secalert@redhat.comMariner CVE-2023-2977 Unknown
cve@mitre.orgMariner CVE-2023-29941 Unknown
secure@intel.comMariner CVE-2023-28938 Unknown
support@hackerone.comMariner CVE-2023-28321 Unknown
security-advisories@github.comMariner CVE-2023-45142 Unknown
cve-assignments@hackerone.comMariner CVE-2023-23915 Unknown
security-advisories@github.comMariner CVE-2023-22466 Unknown
security@golang.orgMariner CVE-2022-32149 Unknown
support@hackerone.comMariner CVE-2022-32221 Unknown
cve@mitre.orgMariner CVE-2022-29526 Unknown
cve@mitre.orgMariner CVE-2022-31394 Unknown
cve@mitre.orgMariner CVE-2022-28805 Unknown
security@ubuntu.comMariner CVE-2022-28736 Unknown
security@golang.orgMariner CVE-2022-2879 Unknown
security@ubuntu.comMariner CVE-2022-28733 Unknown
security@ubuntu.comMariner CVE-2022-28734 Unknown
cve@mitre.orgMariner CVE-2022-28391 Unknown
secalert@redhat.comMariner CVE-2022-2601 Unknown
security-advisories@github.comMariner CVE-2022-24713 Unknown
security-advisories@github.comMariner CVE-2022-21698 Unknown
openssl-security@openssl.orgMariner CVE-2022-2097 Unknown
security@huntr.devMariner CVE-2022-1996 Unknown
openssl-security@openssl.orgMariner CVE-2022-1292 Unknown
cve-coordination@google.comMariner CVE-2022-1941 Unknown
secalert@redhat.comMariner CVE-2022-0175 Unknown
secalert@redhat.comMariner CVE-2022-0135 Unknown
cve@mitre.orgMariner CVE-2021-44716 Unknown
cve@mitre.orgMariner CVE-2021-45985 Unknown
secalert@redhat.comMariner CVE-2021-3697 Unknown
cve@mitre.orgMariner CVE-2021-37501 Unknown
secalert@redhat.comMariner CVE-2021-3695 Unknown
secalert@redhat.comMariner CVE-2021-3696 Unknown
security@apache.orgMariner CVE-2021-36373 Unknown
secalert@redhat.comMariner CVE-2021-3468 Unknown
cve@mitre.orgMariner CVE-2022-33064 Unknown
cve-assignments@hackerone.comMariner CVE-2023-23916 Unknown
cve@mitre.orgMariner CVE-2022-34038 Unknown
secalert@redhat.comMariner CVE-2022-3650 Unknown
secalert@redhat.comMariner CVE-2023-2253 Unknown
cve-assignments@hackerone.comMariner CVE-2023-23914 Unknown
secalert@redhat.comMariner CVE-2023-1393 Unknown
openssl-security@openssl.orgMariner CVE-2023-0465 Unknown
openssl-security@openssl.orgMariner CVE-2023-0286 Unknown
openssl-security@openssl.orgMariner CVE-2023-0464 Unknown
openssl-security@openssl.orgMariner CVE-2023-0215 Unknown
cve@mitre.orgMariner CVE-2022-48285 Unknown
cve@mitre.orgMariner CVE-2022-48579 Unknown
cve@mitre.orgMariner CVE-2022-47085 Unknown
cve@mitre.orgMariner CVE-2022-45873 Unknown
secalert@redhat.comMariner CVE-2022-4415 Unknown
openssl-security@openssl.orgMariner CVE-2022-4450 Unknown
openssl-security@openssl.orgMariner CVE-2022-4304 Unknown
cve-assignments@hackerone.comMariner CVE-2022-43551 Unknown
cve@mitre.orgMariner CVE-2022-42915 Unknown
security@golang.orgMariner CVE-2022-41723 Unknown
security@golang.orgMariner CVE-2022-41717 Unknown
cve@mitre.orgMariner CVE-2022-40320 Unknown
secalert@redhat.comMariner CVE-2022-3854 Unknown
secalert@redhat.comMariner CVE-2022-3857 Unknown
secalert@redhat.comMariner CVE-2022-3821 Unknown
secalert@redhat.comMariner CVE-2022-3775 Unknown
cve@mitre.orgMariner CVE-2022-37616 Unknown
infosec@edk2.groups.ioMariner CVE-2022-36765 Unknown
infosec@edk2.groups.ioMariner CVE-2022-36764 Unknown
cna@vuldb.comMariner CVE-2022-3563 Unknown
infosec@edk2.groups.ioMariner CVE-2022-36763 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45231 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45232 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45230 Unknown
cve@mitre.orgMariner CVE-2024-30202 Unknown
security-advisories@github.comMariner CVE-2024-29195 Unknown
cve@mitre.orgMariner CVE-2024-29166 Unknown
cve@mitre.orgMariner CVE-2024-29165 Unknown
cve@mitre.orgMariner CVE-2024-29162 Unknown
cve@mitre.orgMariner CVE-2024-29161 Unknown
cve@mitre.orgMariner CVE-2024-29160 Unknown
cve@mitre.orgMariner CVE-2024-29159 Unknown
security-advisories@github.comMariner CVE-2024-28863 Unknown
cve@mitre.orgMariner CVE-2024-28757 Unknown
security-advisories@github.comMariner CVE-2024-28182 Unknown
security@php.netMariner CVE-2024-2757 Unknown
security-advisories@github.comMariner CVE-2024-27308 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27078 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27058 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27061 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27038 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27037 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26908 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26909 Unknown
cve@kernel.orgMariner CVE-2024-26902 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26903 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26901 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26898 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26882 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26883 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26881 Unknown
cve@mitre.orgMariner CVE-2024-31744 Unknown
cve@kernel.orgMariner CVE-2024-26581 Unknown
cve@mitre.orgMariner CVE-2024-30205 Unknown
jordan@liggitt.netMariner CVE-2024-3177 Unknown
cve@mitre.orgMariner CVE-2008-2149 Unknown
cve@mitre.orgMariner CVE-2017-16844 Unknown
secalert@redhat.comMariner CVE-2019-3833 Unknown
secalert@redhat.comMariner CVE-2022-2990 Unknown
cve@mitre.orgMariner CVE-2016-7567 Unknown
secalert@redhat.comMariner CVE-2004-2771 Unknown
cve@mitre.orgMariner CVE-2008-3908 Unknown
cve@mitre.orgMariner CVE-2019-17362 Unknown
secalert@redhat.comMariner CVE-2019-3816 Unknown
cve@mitre.orgMariner CVE-2019-19977 Unknown
vulnreport@tenable.comMariner CVE-2024-4323 Unknown
cve@mitre.orgMariner CVE-2024-33877 Unknown
secalert@redhat.comMariner CVE-2024-3727 Unknown
cve@mitre.orgMariner CVE-2024-33876 Unknown
cve@mitre.orgMariner CVE-2024-33873 Unknown
cve@mitre.orgMariner CVE-2024-32623 Unknown
cve@mitre.orgMariner CVE-2024-32621 Unknown
cve@mitre.orgMariner CVE-2024-32622 Unknown
cve@mitre.orgMariner CVE-2024-32616 Unknown
cve@mitre.orgMariner CVE-2024-32618 Unknown
cve@mitre.orgMariner CVE-2024-32615 Unknown
cve@mitre.orgMariner CVE-2024-32614 Unknown
cve@mitre.orgMariner CVE-2024-32611 Unknown
cve@mitre.orgMariner CVE-2024-32610 Unknown
cve@mitre.orgMariner CVE-2024-32609 Unknown
cve@mitre.orgMariner CVE-2024-32607 Unknown
cve@mitre.orgMariner CVE-2024-32487 Unknown
cve@mitre.orgMariner CVE-2024-31852 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26582 Unknown
cve@mitre.orgMariner CVE-2024-26455 Unknown
security-advisories@github.comMariner CVE-2024-25620 Unknown
cve@mitre.orgMariner CVE-2023-52071 Unknown
cve@mitre.orgMariner CVE-2023-51385 Unknown
cve@mitre.orgMariner CVE-2023-51714 Unknown
secalert@redhat.comMariner CVE-2023-5115 Unknown
secalert@redhat.comMariner CVE-2023-50782 Unknown
cve@mitre.orgMariner CVE-2023-51257 Unknown
cve@mitre.orgMariner CVE-2023-50658 Unknown
cve@mitre.orgMariner CVE-2023-49990 Unknown
cve@mitre.orgMariner CVE-2023-48795 Unknown
openssl-security@openssl.orgMariner CVE-2023-4807 Unknown
cve@mitre.orgMariner CVE-2023-47234 Unknown
cve-coordination@google.comMariner CVE-2023-4785 Unknown
cve@mitre.orgMariner CVE-2023-47235 Unknown
cve@mitre.orgMariner CVE-2023-47090 Unknown
secalert@redhat.comMariner CVE-2023-4693 Unknown
cve@mitre.orgMariner CVE-2023-46853 Unknown
secalert@redhat.comMariner CVE-2023-4692 Unknown
cve@mitre.orgMariner CVE-2023-46752 Unknown
cve@mitre.orgMariner CVE-2023-46753 Unknown
security-advisories@github.comMariner CVE-2023-46136 Unknown
security-advisories@github.comMariner CVE-2023-46129 Unknown
security@golang.orgMariner CVE-2023-45288 Unknown
secalert@redhat.comMariner CVE-2023-4535 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45236 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45237 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45233 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45234 Unknown
cve@mitre.orgMariner CVE-2023-51779 Unknown
cve@mitre.orgMariner CVE-2023-51764 Unknown
cve@mitre.orgMariner CVE-2023-52425 Unknown
cve@mitre.orgMariner CVE-2023-52426 Unknown
security@golang.orgMariner CVE-2024-24786 Unknown
security-advisories@github.comMariner CVE-2024-24758 Unknown
security-advisories@github.comMariner CVE-2024-24557 Unknown
cve@mitre.orgMariner CVE-2024-24259 Unknown
security-advisories@github.comMariner CVE-2024-23653 Unknown
security-advisories@github.comMariner CVE-2024-23652 Unknown
security-advisories@github.comMariner CVE-2024-23651 Unknown
security-advisories@github.comMariner CVE-2024-23650 Unknown
security@ubuntu.comMariner CVE-2024-2313 Unknown
security-advisories@github.comMariner CVE-2024-21646 Unknown
support@hackerone.comMariner CVE-2024-21890 Unknown
support@hackerone.comMariner CVE-2024-21891 Unknown
secalert@redhat.comMariner CVE-2024-1454 Unknown
secalert@redhat.comMariner CVE-2021-3502 Unknown
secalert@redhat.comMariner CVE-2024-1151 Unknown
MicrosoftMariner CVE-2024-0985 Unknown
secalert@redhat.comMariner CVE-2024-0690 Unknown
secalert@redhat.comMariner CVE-2024-0607 Unknown
secalert@redhat.comMariner CVE-2023-6915 Unknown
security@google.comMariner CVE-2023-6932 Unknown
security-officer@isc.orgMariner CVE-2023-6516 Unknown
openssl-security@openssl.orgMariner CVE-2023-6237 Unknown
secalert@redhat.comMariner CVE-2023-5764 Unknown
secalert@redhat.comMariner CVE-2023-5992 Unknown
openssl-security@openssl.orgMariner CVE-2023-5678 Unknown
security-officer@isc.orgMariner CVE-2023-5679 Unknown
secalert@redhat.comMariner CVE-2023-5408 Unknown
cve@mitre.orgMariner CVE-2023-52429 Unknown
openssl-security@openssl.orgMariner CVE-2024-0727 Unknown
secalert@redhat.comMariner CVE-2023-5156 Unknown
securities@openeuler.orgMariner CVE-2021-33645 Unknown
securities@openeuler.orgMariner CVE-2021-33640 Unknown
cve@mitre.orgMariner CVE-2024-32619 Unknown
cve@mitre.orgMariner CVE-2024-32612 Unknown
cve@mitre.orgMariner CVE-2024-32613 Unknown
cve@mitre.orgMariner CVE-2024-32605 Unknown
cve@mitre.orgMariner CVE-2024-30203 Unknown
cve@mitre.orgMariner CVE-2024-29164 Unknown
cve@mitre.orgMariner CVE-2024-29163 Unknown
cve@mitre.orgMariner CVE-2024-29158 Unknown
cve@mitre.orgMariner CVE-2024-29157 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27391 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27051 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-27045 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26907 Unknown
cve@kernel.orgMariner CVE-2024-26904 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26885 Unknown
416baaa9-dc9f-4396-8d5f-8c081fb06d67Mariner CVE-2024-26884 Unknown
cve@kernel.orgMariner CVE-2024-26585 Unknown
cve@kernel.orgMariner CVE-2024-26583 Unknown
security-advisories@github.comMariner CVE-2024-24806 Unknown
cve@mitre.orgMariner CVE-2024-25580 Unknown
cve@mitre.orgMariner CVE-2024-24258 Unknown
support@hackerone.comMariner CVE-2024-21896 Unknown
security@google.comMariner CVE-2024-1086 Unknown
secalert@redhat.comMariner CVE-2024-0567 Unknown
secalert@redhat.comMariner CVE-2024-0553 Unknown
security@google.comMariner CVE-2023-6111 Unknown
openssl-security@openssl.orgMariner CVE-2023-6129 Unknown
cve@mitre.orgMariner CVE-2024-32620 Unknown
security-officer@isc.orgMariner CVE-2023-5517 Unknown
cve@mitre.orgMariner CVE-2024-33875 Unknown
openssl-security@openssl.orgMariner CVE-2024-4603 Unknown
secalert@redhat.comMariner CVE-2024-1013 Unknown
secalert@redhat.comMariner CVE-2024-0874 Unknown
cna@python.orgMariner CVE-2024-0450 Unknown
cna@python.orgMariner CVE-2023-6597 Unknown
cve@mitre.orgMariner CVE-2023-52890 Unknown
psirt@us.ibm.comMariner CVE-2023-43040 Unknown
zdi-disclosures@trendmicro.comMariner CVE-2023-50229 Unknown
secalert@redhat.comMariner CVE-2023-3966 Unknown
cve@mitre.orgMariner CVE-2023-28531 Unknown
cve-coordination@google.comMariner CVE-2023-2976 Unknown
cve@mitre.orgMariner CVE-2019-9674 Unknown
report@snyk.ioMariner CVE-2021-23336 Unknown
cve@mitre.orgMariner CVE-2019-20907 Unknown
cve@mitre.orgMariner CVE-2017-18207 Unknown
cve@mitre.orgMariner CVE-2017-17522 Unknown
cve@mitre.orgMariner CVE-2007-4559 Unknown
facts@wolfssl.comMariner CVE-2024-0901 Unknown
secalert@redhat.comMariner CVE-2023-6779 Unknown
secalert@redhat.comMariner CVE-2023-6246 Unknown
secalert@redhat.comMariner CVE-2023-6780 Unknown
arm-security@arm.comMariner CVE-2023-4039 Unknown
secalert@redhat.comMariner CVE-2023-4911 Unknown
secalert@redhat.comMariner CVE-2023-4001 Unknown
security@golang.orgMariner CVE-2021-4238 Unknown
security@vmware.comMariner CVE-2019-5544 Unknown
security@elastic.coMariner CVE-2022-0699 Unknown
secalert@redhat.comMariner CVE-2014-3618 Unknown
cve@mitre.orgMariner CVE-2024-33874 Unknown
security@kubernetes.ioMariner CVE-2023-5528 Unknown
secalert@redhat.comMariner CVE-2023-5215 Unknown
cve@mitre.orgMariner CVE-2023-51384 Unknown
security-advisories@github.comMariner CVE-2022-23639 Unknown
secalert@redhat.comMariner CVE-2022-0670 Unknown
secalert@redhat.comMariner CVE-2021-3981 Unknown
cve@mitre.orgMariner CVE-2021-38190 Unknown
security@apache.orgMariner CVE-2021-36374 Unknown
securities@openeuler.orgMariner CVE-2021-33644 Unknown
cve@mitre.orgMariner CVE-2021-26720 Unknown
secalert@redhat.comMariner CVE-2020-25657 Unknown
cve@mitre.orgMariner CVE-2020-11655 Unknown
secalert_us@oracle.comMariner CVE-2019-2708 Unknown
cve@mitre.orgMariner CVE-2019-14274 Unknown
cve@mitre.orgMariner CVE-2018-6952 Unknown
cve@mitre.orgMariner CVE-2018-13410 Unknown
secalert_us@oracle.comMariner CVE-2017-3617 Unknown
secalert_us@oracle.comMariner CVE-2017-3611 Unknown
secalert_us@oracle.comMariner CVE-2017-3605 Unknown
cve@mitre.orgMariner CVE-2016-2781 Unknown
cve@mitre.orgMariner CVE-2014-9636 Unknown
secalert@redhat.comMariner CVE-2013-6381 Unknown
secalert@redhat.comMariner CVE-2008-0888 Unknown
cve@mitre.orgMariner CVE-2024-37535 Unknown
security-advisories@github.comMariner CVE-2024-32465 Unknown
security-advisories@github.comMariner CVE-2024-30260 Unknown
secalert@redhat.comMariner CVE-2024-2496 Unknown
support@hackerone.comMariner CVE-2024-22017 Unknown
security@php.netMariner CVE-2024-1874 Unknown
secalert@redhat.comMariner CVE-2023-7250 Unknown
security@ubuntu.comMariner CVE-2022-28735 Unknown
security@kubernetes.ioMariner CVE-2022-3162 Unknown
support@hackerone.comMariner CVE-2022-35260 Unknown
cve@mitre.orgMariner CVE-2022-37434 Unknown
security-advisories@github.comMariner CVE-2023-49083 Unknown
security-advisories@github.comMariner CVE-2023-47108 Unknown
cve@mitre.orgMariner CVE-2023-46813 Unknown
cve@mitre.orgMariner CVE-2023-46852 Unknown
cve@mitre.orgMariner CVE-2023-45853 Unknown
security-advisories@github.comMariner CVE-2023-46118 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45235 Unknown
infosec@edk2.groups.ioMariner CVE-2023-45229 Unknown
security-advisories@github.comMariner CVE-2023-41051 Unknown
cve@mitre.orgMariner CVE-2023-38711 Unknown
cve@mitre.orgMariner CVE-2023-38712 Unknown
security-advisories@github.comMariner CVE-2023-37920 Unknown
cve@mitre.orgMariner CVE-2023-33460 Unknown
secalert@redhat.comMariner CVE-2024-1441 Unknown
cve@mitre.orgMariner CVE-2023-31975 Unknown
security-advisories@github.comMariner CVE-2023-27579 Unknown
support@hackerone.comMariner CVE-2023-27533 Unknown
support@hackerone.comMariner CVE-2023-27534 Unknown
security-advisories@github.comMariner CVE-2023-26484 Unknown
security-advisories@github.comMariner CVE-2023-25673 Unknown
security-advisories@github.comMariner CVE-2023-25667 Unknown
security-advisories@github.comMariner CVE-2023-25660 Unknown
security-advisories@github.comMariner CVE-2023-23931 Unknown
secalert@redhat.comMariner CVE-2023-1668 Unknown
secalert@redhat.comMariner CVE-2022-4904 Unknown
secalert@redhat.comMariner CVE-2022-4515 Unknown
cve@mitre.orgMariner CVE-2022-42916 Unknown
security-advisories@github.comMariner CVE-2022-39353 Unknown
secure@intel.comMariner CVE-2023-28736 Unknown
infosec@edk2.groups.ioMariner CVE-2024-1298 Unknown
secalert@redhat.comMariner CVE-2024-2002 Unknown
ykramarz@cisco.comMariner CVE-2024-20328 Unknown
cve@mitre.orgMariner CVE-2019-13232 Unknown
cve@mitre.orgMariner CVE-2019-11834 Unknown
cve@mitre.orgMariner CVE-2019-11835 Unknown
cve@mitre.orgMariner CVE-2018-5996 Unknown
cve@mitre.orgMariner CVE-2018-6951 Unknown
cve@mitre.orgMariner CVE-2018-25032 Unknown
cve@mitre.orgMariner CVE-2018-20969 Unknown
cve@mitre.orgMariner CVE-2018-20506 Unknown
cve@mitre.orgMariner CVE-2018-20169 Unknown
cve@mitre.orgMariner CVE-2018-20346 Unknown
cve@mitre.orgMariner CVE-2018-20505 Unknown
cve@mitre.orgMariner CVE-2018-18384 Unknown
cve@mitre.orgMariner CVE-2018-1999023 Unknown
cve@mitre.orgMariner CVE-2018-1000156 Unknown
secalert@redhat.comMariner CVE-2018-10906 Unknown
secalert@redhat.comMariner CVE-2018-1129 Unknown
cve@mitre.orgMariner CVE-2018-1000035 Unknown
cve@mitre.orgMariner CVE-2018-1000097 Unknown
secalert_us@oracle.comMariner CVE-2017-3615 Unknown
secalert_us@oracle.comMariner CVE-2017-3616 Unknown
secalert_us@oracle.comMariner CVE-2017-3613 Unknown
secalert_us@oracle.comMariner CVE-2017-3614 Unknown
secalert_us@oracle.comMariner CVE-2017-3612 Unknown
secalert_us@oracle.comMariner CVE-2017-3609 Unknown
secalert_us@oracle.comMariner CVE-2017-3610 Unknown
secalert_us@oracle.comMariner CVE-2017-3606 Unknown
secalert_us@oracle.comMariner CVE-2017-3607 Unknown
cve@mitre.orgMariner CVE-2019-13636 Unknown
secalert_us@oracle.comMariner CVE-2017-3608 Unknown
cve@mitre.orgMariner CVE-2019-13638 Unknown
cve@mitre.orgMariner CVE-2019-16168 Unknown
securities@openeuler.orgMariner CVE-2021-33643 Unknown
cve@mitre.orgMariner CVE-2021-33391 Unknown
cve@mitre.orgMariner CVE-2021-27378 Unknown
cve@mitre.orgMariner CVE-2021-3115 Unknown
security@kubernetes.ioMariner CVE-2020-8554 Unknown
secalert_us@oracle.comMariner CVE-2020-2981 Unknown
vuln@vdoo.comMariner CVE-2020-27304 Unknown
cve@mitre.orgMariner CVE-2020-28366 Unknown
secalert@redhat.comMariner CVE-2020-27815 Unknown
cve@mitre.orgMariner CVE-2020-22217 Unknown
cve@mitre.orgMariner CVE-2020-24370 Unknown
cve@mitre.orgMariner CVE-2020-18032 Unknown
cve@mitre.orgMariner CVE-2020-15586 Unknown
cve@mitre.orgMariner CVE-2020-13632 Unknown
cve@mitre.orgMariner CVE-2020-13631 Unknown
cve@mitre.orgMariner CVE-2020-13435 Unknown
cve@mitre.orgMariner CVE-2020-13630 Unknown
cve@mitre.orgMariner CVE-2020-11656 Unknown
cve@mitre.orgMariner CVE-2020-13434 Unknown
security-officer@isc.orgMariner CVE-2019-6470 Unknown
cve@mitre.orgMariner CVE-2019-9741 Unknown
cve@checkpoint.comMariner CVE-2019-8457 Unknown
cve@mitre.orgMariner CVE-2019-6293 Unknown
secalert_us@oracle.comMariner CVE-2019-3016 Unknown
cve@mitre.orgMariner CVE-2019-20503 Unknown
cve@mitre.orgMariner CVE-2019-19646 Unknown
cve@mitre.orgMariner CVE-2019-19645 Unknown
cve@mitre.orgMariner CVE-2019-19391 Unknown
securities@openeuler.orgMariner CVE-2021-33646 Unknown
cve@mitre.orgMariner CVE-2017-17969 Unknown
cve@mitre.orgMariner CVE-2016-9844 Unknown
security-advisories@github.comMariner CVE-2024-32020 Unknown
security-advisories@github.comMariner CVE-2024-32021 Unknown
security@php.netMariner CVE-2024-3096 Unknown
security-advisories@github.comMariner CVE-2024-30261 Unknown
secalert@redhat.comMariner CVE-2024-3154 Unknown
security-advisories@github.comMariner CVE-2024-29041 Unknown
security-advisories@github.comMariner CVE-2024-28849 Unknown
security-advisories@github.comMariner CVE-2024-28180 Unknown
support@hackerone.comMariner CVE-2024-27983 Unknown
security-advisories@github.comMariner CVE-2024-28110 Unknown
support@hackerone.comMariner CVE-2024-27982 Unknown
6f8de1f0-f67e-45a6-b68f-98777fdb759cMariner CVE-2024-27322 Unknown
security@php.netMariner CVE-2024-2756 Unknown
security-advisories@github.comMariner CVE-2024-34069 Unknown
security-advisories@github.comMariner CVE-2024-27289 Unknown
disclosure@hiddenlayer.comMariner CVE-2024-27318 Unknown
security-advisories@github.comMariner CVE-2024-26147 Unknown
security-advisories@github.comMariner CVE-2024-27099 Unknown
security-advisories@github.comMariner CVE-2024-25629 Unknown
openssl-security@openssl.orgMariner CVE-2024-2511 Unknown
security-advisories@github.comMariner CVE-2024-25110 Unknown
secalert@redhat.comMariner CVE-2024-2494 Unknown
security@php.netMariner CVE-2024-2408 Unknown
security-advisories@github.comMariner CVE-2024-22189 Unknown
support@hackerone.comMariner CVE-2024-22019 Unknown
support@hackerone.comMariner CVE-2024-22025 Unknown
support@hackerone.comMariner CVE-2024-21892 Unknown
secalert@redhat.comMariner CVE-2024-21885 Unknown
disclosure@hiddenlayer.comMariner CVE-2024-27319 Unknown
secalert_us@oracle.comMariner CVE-2017-3604 Unknown
security-advisories@github.comMariner CVE-2024-34064 Unknown
security-advisories@github.comMariner CVE-2024-35195 Unknown
cve@mitre.orgMariner CVE-2016-9296 Unknown
cve@mitre.orgMariner CVE-2015-7697 Unknown
cve@mitre.orgMariner CVE-2015-7696 Unknown
secalert@redhat.comMariner CVE-2015-5157 Unknown
cve@mitre.orgMariner CVE-2014-9913 Unknown
vultures@jpcert.or.jpMariner CVE-2015-2987 Unknown
secalert@redhat.comMariner CVE-2014-8141 Unknown
secalert@redhat.comMariner CVE-2014-8140 Unknown
secalert@redhat.comMariner CVE-2014-0069 Unknown
secalert@redhat.comMariner CVE-2014-8139 Unknown
chrome-cve-admin@google.comMariner CVE-2014-3185 Unknown
secalert@redhat.comMariner CVE-2013-4342 Unknown
security-advisories@github.comMariner CVE-2024-34062 Unknown
secalert@redhat.comMariner CVE-2013-4420 Unknown
secalert@redhat.comMariner CVE-2013-2094 Unknown
cve@mitre.orgMariner CVE-2010-2891 Unknown
cve@mitre.orgMariner CVE-2007-2768 Unknown
security@php.netMariner CVE-2024-5585 Unknown
security@php.netMariner CVE-2024-5458 Unknown
secalert@redhat.comMariner CVE-2024-5564 Unknown
security@php.netMariner CVE-2024-4577 Unknown
cna@postgresql.orgMariner CVE-2024-4317 Unknown
secalert@redhat.comMariner CVE-2024-4418 Unknown
oss-report@checkmarx.comMariner CVE-2024-4068 Unknown
security@hashicorp.comMariner CVE-2024-3817 Unknown
cve@mitre.orgMariner CVE-2024-38428 Unknown
security-advisories@github.comMariner CVE-2024-35176 Unknown
cve@mitre.orgMariner CVE-2012-6687 Unknown
security-advisories@github.comMariner CVE-2024-27304 Unknown
HackerOneOpen Source Software CVE-2022-43552 Open Source Curl Remote Code Execution Vulnerability

CVE-2023-3446 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3446
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3446
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.1.1k-28 Unknown None
CBL Mariner 2.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.1.1k-28 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3446 None

CVE-2023-7250 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-7250
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-7250
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM iperf3 (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.17-1 Unknown None
CBL Mariner 2.0 x64 iperf3 (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.17-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-7250 None

CVE-2024-1874 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1874
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,4/TemporalScore:9,4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/04/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1874
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 9,4
Temporal: 9,4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
8.3.8-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 9,4
Temporal: 9,4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
8.3.8-1 Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 9,4
Temporal: 9,4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
8.1.28-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 9,4
Temporal: 9,4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
8.1.28-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1874 None

CVE-2024-22017 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-22017
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:7,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityLow
IntegrityHigh
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-22017
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libuv (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
1.48.0-1
20.14.0-1
None
Azure Linux 3.0 x64 libuv (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
1.48.0-1
20.14.0-1
None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-22017 None

CVE-2024-2496 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2496
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5/TemporalScore:5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2496
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
7.10.0-8 Unknown None
CBL Mariner 2.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
7.10.0-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2496 None

CVE-2024-30260 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30260
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,9/TemporalScore:3,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30260
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30260 None

CVE-2024-32465 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32465
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:7,3
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32465
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM git (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.39.4-1 Unknown None
CBL Mariner 2.0 x64 git (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.39.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32465 None

CVE-2024-37535 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-37535
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-37535
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM vte291 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
0.66.2-3 Unknown None
CBL Mariner 2.0 x64 vte291 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
0.66.2-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-37535 None

CVE-2008-0888 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2008-0888
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2008-0888
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-16 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-16 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2008-0888 None

CVE-2013-6381 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2013-6381
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2013-6381
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.148.2-2 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.148.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2013-6381 None

CVE-2014-9636 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-9636
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-9636
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-16 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-16 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-9636 None

CVE-2016-2781 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2016-2781
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added coreutils to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2016-2781
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM coreutils (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
9.4-1 Unknown None
Azure Linux 3.0 x64 coreutils (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
9.4-1 Unknown None
CBL Mariner 1.0 ARM coreutils (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
8.30-7 Unknown None
CBL Mariner 1.0 x64 coreutils (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
8.30-7 Unknown None
CBL Mariner 2.0 ARM coreutils (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
8.32-1 Unknown None
CBL Mariner 2.0 x64 coreutils (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
8.32-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2016-2781 None

CVE-2017-3605 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3605
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3605
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3605 None

CVE-2017-3611 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3611
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3611
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3611 None

CVE-2017-3617 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3617
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3617
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3617 None

CVE-2018-13410 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-13410
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added zip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-13410
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM zip (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0-6 Unknown None
Azure Linux 3.0 x64 zip (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0-6 Unknown None
CBL Mariner 1.0 ARM zip (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0-5 Unknown None
CBL Mariner 1.0 x64 zip (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0-5 Unknown None
CBL Mariner 2.0 ARM zip (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0-5 Unknown None
CBL Mariner 2.0 x64 zip (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-13410 None

CVE-2018-6952 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-6952
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added patch to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-6952
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-9 Unknown None
Azure Linux 3.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-9 Unknown None
CBL Mariner 1.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None
CBL Mariner 1.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-6952 None

CVE-2019-14274 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-14274
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-14274
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM mcpp (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.2-28 Unknown None
Azure Linux 3.0 x64 mcpp (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.2-28 Unknown None
CBL Mariner 2.0 ARM mcpp (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.2-28 Unknown None
CBL Mariner 2.0 x64 mcpp (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.2-28 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-14274 None

CVE-2019-2708 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-2708
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,3/TemporalScore:3,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-2708
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3.28-6 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3.28-6 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-2708 None

CVE-2020-11655 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-11655
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-11655
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-11655 None

CVE-2020-25657 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-25657
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/07/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-25657
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM m2crypto (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.38.0-3 Unknown None
Azure Linux 3.0 x64 m2crypto (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.38.0-3 Unknown None
CBL Mariner 2.0 ARM m2crypto (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.38.0-3 Unknown None
CBL Mariner 2.0 x64 m2crypto (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.38.0-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-25657 None

CVE-2021-26720 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-26720
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-26720
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM avahi (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.8-1 Unknown None
Azure Linux 3.0 x64 avahi (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.8-1 Unknown None
CBL Mariner 2.0 ARM avahi (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.8-1 Unknown None
CBL Mariner 2.0 x64 avahi (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.8-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-26720 None

CVE-2021-33644 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33644
MITRE
NVD

Issuing CNA: securities@openeuler.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33644
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1.2.20-11 Unknown None
Azure Linux 3.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1.2.20-11 Unknown None
CBL Mariner 1.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 1.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33644 None

CVE-2021-36374 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-36374
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/07/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-36374
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.14.0-2 Unknown None
Azure Linux 3.0 x64 javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.14.0-2 Unknown None
CBL Mariner 1.0 ARM ant (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.10.11-1 Unknown None
CBL Mariner 1.0 x64 ant (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.10.11-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-36374 None

CVE-2021-38190 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-38190
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-38190
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM librsvg2 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.58.1-1 Unknown None
Azure Linux 3.0 x64 librsvg2 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.58.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-38190 None

CVE-2021-3981 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3981
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,3/TemporalScore:3,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/03/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3981
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.06-14 Unknown None
CBL Mariner 1.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.06~rc1-8 Unknown None
CBL Mariner 1.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.06~rc1-8 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.06-5 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2.06-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3981 None

CVE-2022-0670 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-0670
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-0670
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
18.2.1-1 Unknown None
CBL Mariner 1.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
16.2.10-1 Unknown None
CBL Mariner 1.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
16.2.10-1 Unknown None
CBL Mariner 2.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
16.2.10-1 Unknown None
CBL Mariner 2.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
16.2.10-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-0670 None

CVE-2022-23639 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-23639
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-23639
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM librsvg2 (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.58.1-1 Unknown None
Azure Linux 3.0 x64 librsvg2 (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.58.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-23639 None

CVE-2022-28735 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-28735
MITRE
NVD

Issuing CNA: security@ubuntu.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-28735
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-28735 None

CVE-2022-3162 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3162
MITRE
NVD

Issuing CNA: security@kubernetes.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/03/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3162
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keda (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.14.0-1 Unknown None
Azure Linux 3.0 x64 keda (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.14.0-1 Unknown None
CBL Mariner 2.0 ARM cert-manager (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.11.2-1 Unknown None
CBL Mariner 2.0 x64 cert-manager (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.11.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3162 None

CVE-2022-35260 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-35260
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-35260
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-35260 None

CVE-2022-37434 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-37434
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-37434
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM crash (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.0.4-2 Unknown None
Azure Linux 3.0 x64 crash (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.0.4-2 Unknown None
CBL Mariner 1.0 ARM zlib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.12-2 Unknown None
CBL Mariner 1.0 x64 zlib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.12-2 Unknown None
CBL Mariner 2.0 ARM zlib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.12-2 Unknown None
CBL Mariner 2.0 x64 zlib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.12-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-37434 None

CVE-2022-39353 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-39353
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-39353
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-39353 None

CVE-2022-42916 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-42916
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/11/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-42916
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.16.1-1 Unknown None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.86.0-1 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.86.0-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.86.0-1 Unknown None
CBL Mariner 2.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.86.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-42916 None

CVE-2022-4515 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-4515
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/12/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-4515
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ctags (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1.0-1 Unknown None
Azure Linux 3.0 x64 ctags (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1.0-1 Unknown None
CBL Mariner 2.0 ARM ctags (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
5.9.20220619.0-7 Unknown None
CBL Mariner 2.0 x64 ctags (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
5.9.20220619.0-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-4515 None

CVE-2022-4904 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-4904
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,6/TemporalScore:8,6
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/03/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-4904
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1.62.0-2 Unknown None
CBL Mariner 1.0 ARM c-ares (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1.19.0-1 Unknown None
CBL Mariner 1.0 x64 c-ares (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1.19.0-1 Unknown None
CBL Mariner 2.0 ARM c-ares (CBL-Mariner)
nodejs (CBL-Mariner)
python-gevent (CBL-Mariner)
Unknown Unknown Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1.19.0-1
16.20.1-2
21.1.2-1
None
CBL Mariner 2.0 x64 c-ares (CBL-Mariner)
nodejs (CBL-Mariner)
python-gevent (CBL-Mariner)
Unknown Unknown Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
1.19.0-1
16.20.1-2
21.1.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-4904 None

CVE-2023-1668 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-1668
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,2/TemporalScore:8,2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-1668
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openvswitch (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2.17.5-3 Unknown None
Azure Linux 3.0 x64 openvswitch (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2.17.5-3 Unknown None
CBL Mariner 2.0 ARM openvswitch (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2.17.5-2 Unknown None
CBL Mariner 2.0 x64 openvswitch (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2.17.5-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-1668 None

CVE-2023-23931 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-23931
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-23931
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.3.2-5 Unknown None
Azure Linux 3.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.3.2-5 Unknown None
CBL Mariner 1.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.3.2-2 Unknown None
CBL Mariner 1.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.3.2-2 Unknown None
CBL Mariner 2.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.3.2-4 Unknown None
CBL Mariner 2.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
3.3.2-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-23931 None

CVE-2023-25660 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25660
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25660
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25660 None

CVE-2023-25667 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25667
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25667
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25667 None

CVE-2023-25673 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25673
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25673
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25673 None

CVE-2023-26484 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-26484
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,2/TemporalScore:8,2
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-26484
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubevirt (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
1.2.0-1 Unknown None
Azure Linux 3.0 x64 kubevirt (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
1.2.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-26484 None

CVE-2023-27534 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27534
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2023    

Information published.


1.0    03/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27534
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.0.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27534 None

CVE-2023-27533 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27533
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2023    

Information published.


1.0    04/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27533
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.0.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.0.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27533 None

CVE-2023-27579 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27579
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27579
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27579 None

CVE-2023-28736 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28736
MITRE
NVD

Issuing CNA: secure@intel.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,7/TemporalScore:6,7
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28736
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM mdadm (CBL-Mariner) Unknown Unknown None Base: 6,7
Temporal: 6,7
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.2-1 Unknown None
Azure Linux 3.0 x64 mdadm (CBL-Mariner) Unknown Unknown None Base: 6,7
Temporal: 6,7
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28736 None

CVE-2023-31975 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-31975
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,3/TemporalScore:3,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/05/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-31975
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM yasm (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1.3.0-14 Unknown None
Azure Linux 3.0 x64 yasm (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1.3.0-14 Unknown None
CBL Mariner 1.0 ARM yasm (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1.3.0-14 Unknown None
CBL Mariner 1.0 x64 yasm (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1.3.0-14 Unknown None
CBL Mariner 2.0 ARM yasm (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1.3.0-14 Unknown None
CBL Mariner 2.0 x64 yasm (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1.3.0-14 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-31975 None

CVE-2023-33460 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-33460
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/06/2023    

Information published.


2.0    14/06/2023    

Added yajl to CBL-Mariner 1.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-33460
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM yajl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.1.0-19 Unknown None
Azure Linux 3.0 x64 yajl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.1.0-19 Unknown None
CBL Mariner 1.0 ARM yajl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.1.0-18 Unknown None
CBL Mariner 1.0 x64 yajl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.1.0-18 Unknown None
CBL Mariner 2.0 ARM yajl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.1.0-19 Unknown None
CBL Mariner 2.0 x64 yajl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.1.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-33460 None

CVE-2023-37920 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-37920
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-37920
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-certifi (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.02.02-1 Unknown None
Azure Linux 3.0 x64 python-certifi (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.02.02-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-37920 None

CVE-2023-38712 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38712
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/08/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38712
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-6 Unknown None
Azure Linux 3.0 x64 libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-6 Unknown None
CBL Mariner 2.0 ARM libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-5 Unknown None
CBL Mariner 2.0 x64 libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38712 None

CVE-2023-38711 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38711
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/08/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38711
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-6 Unknown None
Azure Linux 3.0 x64 libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-6 Unknown None
CBL Mariner 2.0 ARM libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-5 Unknown None
CBL Mariner 2.0 x64 libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38711 None

CVE-2023-41051 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-41051
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,7/TemporalScore:4,7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/09/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-41051
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl0-2 Unknown None
Azure Linux 3.0 x64 kata-containers (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl0-2 Unknown None
CBL Mariner 2.0 ARM kata-containers (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl0-1 Unknown None
CBL Mariner 2.0 x64 kata-containers (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-41051 None

CVE-2023-45229 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45229
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45229
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45229 None

CVE-2023-45235 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45235
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45235
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45235 None

CVE-2023-46118 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46118
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,9/TemporalScore:4,9
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46118
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM rabbitmq-server (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
3.13.0-1 Unknown None
Azure Linux 3.0 x64 rabbitmq-server (CBL-Mariner) Unknown Unknown None Base: 4,9
Temporal: 4,9
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
3.13.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46118 None

CVE-2023-45853 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45853
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/10/2023    

Information published.


2.0    17/10/2023    

Added tcl to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45853
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keras (CBL-Mariner)
rust (CBL-Mariner)
tcl (CBL-Mariner)
zlib (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1.1-1
1.75.0-1
8.6.13-3
1.3.1-1
None
Azure Linux 3.0 x64 keras (CBL-Mariner)
rust (CBL-Mariner)
tcl (CBL-Mariner)
zlib (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1.1-1
1.75.0-1
8.6.13-3
1.3.1-1
None
CBL Mariner 2.0 ARM boost (CBL-Mariner)
cloud-hypervisor (CBL-Mariner)
rust (CBL-Mariner)
tcl (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.76.0-4
32.0-2
1.72.0-5
8.6.13-3
None
CBL Mariner 2.0 x64 boost (CBL-Mariner)
cloud-hypervisor (CBL-Mariner)
rust (CBL-Mariner)
tcl (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.76.0-4
32.0-2
1.72.0-5
8.6.13-3
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45853 None

CVE-2023-46852 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46852
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46852
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM memcached (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.6.27-1 Unknown None
Azure Linux 3.0 x64 memcached (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.6.27-1 Unknown None
CBL Mariner 2.0 ARM memcached (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.6.22-1 Unknown None
CBL Mariner 2.0 x64 memcached (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.6.22-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46852 None

CVE-2023-46813 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46813
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46813
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-1 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.137.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.137.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46813 None

CVE-2023-47108 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-47108
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-47108
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
moby-containerd-cc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.14.0-1
2.27.0-1
1.7.7-3
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
moby-containerd-cc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.14.0-1
2.27.0-1
1.7.7-3
None
CBL Mariner 2.0 ARM moby-containerd-cc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.7.2-3 Unknown None
CBL Mariner 2.0 x64 moby-containerd-cc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.7.2-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-47108 None

CVE-2023-49083 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-49083
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    04/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-49083
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
42.0.5-1 Unknown None
Azure Linux 3.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
42.0.5-1 Unknown None
CBL Mariner 2.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.3.2-6 Unknown None
CBL Mariner 2.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.3.2-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-49083 None

CVE-2023-51384 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-51384
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-51384
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
9.7p1-1 Unknown None
Azure Linux 3.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
9.7p1-1 Unknown None
CBL Mariner 2.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
8.9p1-3 Unknown None
CBL Mariner 2.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
8.9p1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-51384 None

CVE-2023-5215 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5215
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5215
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libnbd (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-3 Unknown None
Azure Linux 3.0 x64 libnbd (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-3 Unknown None
CBL Mariner 2.0 ARM libnbd (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-3 Unknown None
CBL Mariner 2.0 x64 libnbd (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5215 None

CVE-2023-5528 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5528
MITRE
NVD

Issuing CNA: security@kubernetes.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    20/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5528
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.28.7-2 Unknown None
Azure Linux 3.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.28.7-2 Unknown None
CBL Mariner 2.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.28.4-1 Unknown None
CBL Mariner 2.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.28.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5528 None

CVE-2023-5517 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5517
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5517
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
Azure Linux 3.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
CBL Mariner 2.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None
CBL Mariner 2.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5517 None

CVE-2023-6129 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6129
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6129
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6129 None

CVE-2023-6111 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6111
MITRE
NVD

Issuing CNA: security@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6111
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.143.1-1 Unknown None
CBL Mariner 2.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.143.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6111 None

CVE-2024-0553 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0553
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0553
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM gnutls (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.8.3-1 Unknown None
Azure Linux 3.0 x64 gnutls (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.8.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0553 None

CVE-2024-0567 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0567
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0567
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM gnutls (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.8.3-1 Unknown None
Azure Linux 3.0 x64 gnutls (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.8.3-1 Unknown None
CBL Mariner 2.0 ARM gnutls (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.7.7-4 Unknown None
CBL Mariner 2.0 x64 gnutls (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.7.7-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0567 None

CVE-2024-1086 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1086
MITRE
NVD

Issuing CNA: security@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1086
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.153.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.153.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1086 None

CVE-2024-21896 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21896
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,9/TemporalScore:7,9
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21896
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 7,9
Temporal: 7,9
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 7,9
Temporal: 7,9
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
20.14.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21896 None

CVE-2024-24258 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24258
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24258
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM freeglut (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.4.0-1 Unknown None
Azure Linux 3.0 x64 freeglut (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.4.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24258 None

CVE-2024-25580 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-25580
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-25580
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM qtbase (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.2-1 Unknown None
Azure Linux 3.0 x64 qtbase (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-25580 None

CVE-2024-24806 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24806
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:7,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/02/2024    

Information published.


2.0    15/02/2024    

Added libuv to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24806
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
libuv (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.28.2-6
1.48.0-1
20.14.0-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
libuv (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
3.28.2-6
1.48.0-1
20.14.0-1
None
CBL Mariner 2.0 ARM libuv (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1.43.0-2
18.18.2-4
None
CBL Mariner 2.0 x64 libuv (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1.43.0-2
18.18.2-4
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24806 None

CVE-2024-26583 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26583
MITRE
NVD

Issuing CNA: cve@kernel.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,7/TemporalScore:4,7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26583
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner)
kernel (CBL-Mariner)
Unknown Unknown Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner)
kernel (CBL-Mariner)
Unknown Unknown Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.2-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26583 None

CVE-2024-26585 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26585
MITRE
NVD

Issuing CNA: cve@kernel.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,7/TemporalScore:4,7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26585
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.2-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26585 None

CVE-2024-26884 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26884
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26884
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26884 None

CVE-2024-26885 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26885
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26885
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26885 None

CVE-2024-26904 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26904
MITRE
NVD

Issuing CNA: cve@kernel.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26904
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-3 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.158.2-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.158.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26904 None

CVE-2024-26907 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26907
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26907
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26907 None

CVE-2024-27045 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27045
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27045
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27045 None

CVE-2024-27051 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27051
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27051
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27051 None

CVE-2024-27391 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27391
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27391
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27391 None

CVE-2024-29157 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29157
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29157
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29157 None

CVE-2024-29158 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29158
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29158
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29158 None

CVE-2024-29163 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29163
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29163
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29163 None

CVE-2024-29164 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29164
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29164
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29164 None

CVE-2024-30203 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30203
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30203
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
Azure Linux 3.0 x64 emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
CBL Mariner 2.0 ARM emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
CBL Mariner 2.0 x64 emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30203 None

CVE-2024-32605 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32605
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32605
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32605 None

CVE-2024-32613 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32613
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32613
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32613 None

CVE-2024-32612 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32612
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32612
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32612 None

CVE-2024-32619 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32619
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32619
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32619 None

CVE-2024-32620 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32620
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32620
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32620 None

CVE-2024-33875 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33875
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33875
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33875 None

CVE-2024-33874 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33874
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33874
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33874 None

CVE-2024-4603 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4603
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4603
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4603 None

CVE-2014-3618 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-3618
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-3618
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM procmail (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.22-53 Unknown None
Azure Linux 3.0 x64 procmail (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.22-53 Unknown None
CBL Mariner 2.0 ARM procmail (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.22-53 Unknown None
CBL Mariner 2.0 x64 procmail (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.22-53 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-3618 None

CVE-2022-0699 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-0699
MITRE
NVD

Issuing CNA: security@elastic.co

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/09/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-0699
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM shapelib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-3 Unknown None
Azure Linux 3.0 x64 shapelib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-3 Unknown None
CBL Mariner 2.0 ARM shapelib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-3 Unknown None
CBL Mariner 2.0 x64 shapelib (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-0699 None

CVE-2019-5544 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-5544
MITRE
NVD

Issuing CNA: security@vmware.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/01/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-5544
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None
Azure Linux 3.0 x64 openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None
CBL Mariner 2.0 ARM openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None
CBL Mariner 2.0 x64 openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-5544 None

CVE-2021-4238 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-4238
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-4238
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM influxdb (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
2.7.3-3 Unknown None
Azure Linux 3.0 x64 influxdb (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
2.7.3-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-4238 None

CVE-2023-4001 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4001
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,8/TemporalScore:6,8
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4001
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 6,8
Temporal: 6,8
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.12-1 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 6,8
Temporal: 6,8
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.12-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4001 None

CVE-2023-4911 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4911
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/10/2023    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4911
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.38-6 Unknown None
CBL Mariner 2.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.35-5 Unknown None
CBL Mariner 2.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.35-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4911 None

CVE-2023-4039 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4039
MITRE
NVD

Issuing CNA: arm-security@arm.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,8/TemporalScore:4,8
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/09/2023    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4039
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
13.2.0-7 Unknown None
Azure Linux 3.0 x64 gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
13.2.0-7 Unknown None
CBL Mariner 2.0 ARM gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
11.2.0-6 Unknown None
CBL Mariner 2.0 x64 gcc (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
11.2.0-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4039 None

CVE-2023-6780 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6780
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6780
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2.38-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6780 None

CVE-2023-6246 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6246
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6246
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.38-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6246 None

CVE-2023-6779 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6779
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6779
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.38-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6779 None

CVE-2024-0901 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0901
MITRE
NVD

Issuing CNA: facts@wolfssl.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0901
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM mariadb (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H
10.11.6-3 Unknown None
Azure Linux 3.0 x64 mariadb (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H
10.11.6-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0901 None

CVE-2007-4559 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2007-4559
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added python3 to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2007-4559
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.7.18-5 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.7.18-5 Unknown None
CBL Mariner 2.0 ARM python3 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.9.19-1 Unknown None
CBL Mariner 2.0 x64 python3 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.9.19-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2007-4559 None

CVE-2017-17522 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-17522
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-17522
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.18-3 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.18-3 Unknown None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-17522 None

CVE-2017-18207 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-18207
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-18207
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-18207 None

CVE-2019-20907 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-20907
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-20907
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5
3.7.10-3
None
CBL Mariner 1.0 x64 python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5
3.7.10-3
None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-20907 None

CVE-2021-23336 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-23336
MITRE
NVD

Issuing CNA: report@snyk.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/02/2021    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-23336
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
2.7.18-6
3.7.10-3
None
CBL Mariner 1.0 x64 python2 (CBL-Mariner)
python3 (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
2.7.18-6
3.7.10-3
None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-23336 None

CVE-2019-9674 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-9674
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-9674
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM python2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 1.0 x64 python2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.18-5 Unknown None
CBL Mariner 2.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-9674 None

CVE-2023-2976 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2976
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2976
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM guava (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
25.0-8 Unknown None
CBL Mariner 2.0 x64 guava (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
25.0-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2976 None

CVE-2023-28531 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28531
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    24/03/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28531
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 1.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.9p1-2 Unknown None
CBL Mariner 1.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.9p1-2 Unknown None
CBL Mariner 2.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.9p1-5 Unknown None
CBL Mariner 2.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.9p1-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28531 None

CVE-2023-3966 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3966
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    22/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3966
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openvswitch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.3.0-1 Unknown None
Azure Linux 3.0 x64 openvswitch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.3.0-1 Unknown None
CBL Mariner 2.0 ARM openvswitch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.17.9-1 Unknown None
CBL Mariner 2.0 x64 openvswitch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.17.9-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3966 None

CVE-2023-50229 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-50229
MITRE
NVD

Issuing CNA: zdi-disclosures@trendmicro.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorAdjacent
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/05/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-50229
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bluez (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.63-5 Unknown None
Azure Linux 3.0 x64 bluez (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.63-5 Unknown None
CBL Mariner 2.0 ARM bluez (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.63-6 Unknown None
CBL Mariner 2.0 x64 bluez (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.63-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-50229 None

CVE-2023-43040 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-43040
MITRE
NVD

Issuing CNA: psirt@us.ibm.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-43040
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
16.2.10-4 Unknown None
CBL Mariner 2.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
16.2.10-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-43040 None

CVE-2023-52890 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-52890
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-52890
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM ntfs-3g (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2022.10.3-2 Unknown None
CBL Mariner 2.0 x64 ntfs-3g (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2022.10.3-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-52890 None

CVE-2023-6597 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6597
MITRE
NVD

Issuing CNA: cna@python.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6597
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python3 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
3.9.19-1 Unknown None
CBL Mariner 2.0 x64 python3 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
3.9.19-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6597 None

CVE-2024-0450 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0450
MITRE
NVD

Issuing CNA: cna@python.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,2/TemporalScore:6,2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0450
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python3 (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.9.19-1 Unknown None
CBL Mariner 2.0 x64 python3 (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.9.19-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0450 None

CVE-2024-0874 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0874
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0874
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM coredns (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1.11.1-8 Unknown None
CBL Mariner 2.0 x64 coredns (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1.11.1-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0874 None

CVE-2024-1013 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1013
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1013
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unixODBC (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
2.3.12-2 Unknown None
Azure Linux 3.0 x64 unixODBC (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
2.3.12-2 Unknown None
CBL Mariner 2.0 ARM unixODBC (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
2.3.9-3 Unknown None
CBL Mariner 2.0 x64 unixODBC (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
2.3.9-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1013 None

CVE-2024-1441 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1441
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1441
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.10.0-8 Unknown None
CBL Mariner 2.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.10.0-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1441 None

CVE-2024-1298 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1298
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6/TemporalScore:6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/06/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1298
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 6
Temporal: 6
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 6
Temporal: 6
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1298 None

CVE-2024-2002 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2002
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2002
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM libdwarf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.9.0-3 Unknown None
CBL Mariner 2.0 x64 libdwarf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.9.0-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2002 None

CVE-2024-20328 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-20328
MITRE
NVD

Issuing CNA: ykramarz@cisco.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-20328
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM clamav (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1.0.6-1 Unknown None
Azure Linux 3.0 x64 clamav (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1.0.6-1 Unknown None
CBL Mariner 2.0 ARM clamav (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.105.2-5 Unknown None
CBL Mariner 2.0 x64 clamav (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0.105.2-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-20328 None

CVE-2024-21885 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21885
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21885
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM xorg-x11-server (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.20.10-10 Unknown None
CBL Mariner 2.0 x64 xorg-x11-server (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.20.10-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21885 None

CVE-2024-21892 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21892
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21892
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21892 None

CVE-2024-22025 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-22025
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-22025
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
16.20.2-4
18.18.2-5
None
CBL Mariner 2.0 x64 nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
16.20.2-4
18.18.2-5
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-22025 None

CVE-2024-22019 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-22019
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-22019
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-22019 None

CVE-2024-22189 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-22189
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-22189
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM coredns (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.11.1-6 Unknown None
CBL Mariner 2.0 x64 coredns (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.11.1-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-22189 None

CVE-2024-2408 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2408
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2408
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.3.8-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.3.8-1 Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.1.29-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.1.29-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2408 None

CVE-2024-2494 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2494
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,2/TemporalScore:6,2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2494
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.10.0-9 Unknown None
CBL Mariner 2.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.10.0-9 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2494 None

CVE-2024-25110 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-25110
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-25110
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.03.04-1 Unknown None
Azure Linux 3.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.03.04-1 Unknown None
CBL Mariner 2.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022.01.21-3 Unknown None
CBL Mariner 2.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022.01.21-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-25110 None

CVE-2024-2511 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2511
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2511
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
18.20.2-1
1.1.1k-30
None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
18.20.2-1
1.1.1k-30
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2511 None

CVE-2024-25629 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-25629
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,4/TemporalScore:4,4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-25629
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-25629 None

CVE-2024-27099 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27099
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27099
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.03.04-1 Unknown None
Azure Linux 3.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.03.04-1 Unknown None
CBL Mariner 2.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022.01.21-3 Unknown None
CBL Mariner 2.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022.01.21-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27099 None

CVE-2024-26147 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26147
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26147
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM helm (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.13.2-3 Unknown None
Azure Linux 3.0 x64 helm (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.13.2-3 Unknown None
CBL Mariner 2.0 ARM cert-manager (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.11.2-10 Unknown None
CBL Mariner 2.0 x64 cert-manager (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.11.2-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26147 None

CVE-2024-27318 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27318
MITRE
NVD

Issuing CNA: disclosure@hiddenlayer.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27318
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM pytorch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.0.0-6 Unknown None
CBL Mariner 2.0 x64 pytorch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.0.0-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27318 None

CVE-2024-27319 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27319
MITRE
NVD

Issuing CNA: disclosure@hiddenlayer.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,4/TemporalScore:4,4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27319
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM pytorch (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
2.0.0-4 Unknown None
CBL Mariner 2.0 x64 pytorch (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
2.0.0-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27319 None

CVE-2024-27289 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27289
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/03/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27289
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.31.0-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.31.0-1 Unknown None
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.29.4-4 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.29.4-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27289 None

CVE-2024-2756 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2756
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2756
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
8.1.28-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
8.1.28-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2756 None

CVE-2024-27322 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27322
MITRE
NVD

Issuing CNA: 6f8de1f0-f67e-45a6-b68f-98777fdb759c

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27322
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM R (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.1.0-5 Unknown None
CBL Mariner 2.0 x64 R (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.1.0-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27322 None

CVE-2024-27982 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27982
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27982
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27982 None

CVE-2024-28110 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28110
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28110
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.31.0-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.31.0-1 Unknown None
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.28.5-5 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.28.5-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28110 None

CVE-2024-27983 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27983
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,2/TemporalScore:8,2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27983
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
18.18.2-7 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 8,2
Temporal: 8,2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
18.18.2-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27983 None

CVE-2024-28180 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28180
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,3/TemporalScore:4,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/04/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28180
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keda (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2.14.0-1
1.31.0-1
None
Azure Linux 3.0 x64 keda (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2.14.0-1
1.31.0-1
None
CBL Mariner 2.0 ARM cri-o (CBL-Mariner) Unknown Unknown None Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1.21.7-2 Unknown None
CBL Mariner 2.0 x64 cri-o (CBL-Mariner) Unknown Unknown None Base: 4,3
Temporal: 4,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1.21.7-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28180 None

CVE-2024-28849 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28849
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28849
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM reaper (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3.1.1-9 Unknown None
CBL Mariner 2.0 x64 reaper (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3.1.1-9 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28849 None

CVE-2024-29041 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29041
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,1/TemporalScore:6,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29041
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM reaper (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1.1-9 Unknown None
CBL Mariner 2.0 x64 reaper (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1.1-9 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29041 None

CVE-2024-3154 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3154
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:7,2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3154
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM cri-o (CBL-Mariner) Unknown Unknown None Base: 7,2
Temporal: 7,2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.22.3-2 Unknown None
CBL Mariner 2.0 x64 cri-o (CBL-Mariner) Unknown Unknown None Base: 7,2
Temporal: 7,2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.22.3-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3154 None

CVE-2024-30261 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30261
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:2,6/TemporalScore:2,6
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30261
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 2,6
Temporal: 2,6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 2,6
Temporal: 2,6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: 2,6
Temporal: 2,6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: 2,6
Temporal: 2,6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30261 None

CVE-2024-3096 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3096
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3096
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
8.3.4-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
8.3.4-1 Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
8.1.28-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
8.1.28-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3096 None

CVE-2024-32021 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32021
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,9/TemporalScore:3,9
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityNone
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32021
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM git (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
2.39.4-1 Unknown None
CBL Mariner 2.0 x64 git (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
2.39.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32021 None

CVE-2024-32020 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32020
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,9/TemporalScore:3,9
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityNone
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32020
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM git (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
2.39.4-1 Unknown None
CBL Mariner 2.0 x64 git (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
2.39.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32020 None

CVE-2024-34069 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-34069
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-34069
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
3.0.3-1 Unknown None
Azure Linux 3.0 x64 python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
3.0.3-1 Unknown None
CBL Mariner 2.0 ARM python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.7-2 Unknown None
CBL Mariner 2.0 x64 python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2.3.7-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-34069 None

CVE-2024-34064 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-34064
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,4/TemporalScore:5,4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-34064
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python-jinja2 (CBL-Mariner) Unknown Unknown None Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
3.0.3-4 Unknown None
CBL Mariner 2.0 x64 python-jinja2 (CBL-Mariner) Unknown Unknown None Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
3.0.3-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-34064 None

CVE-2024-34062 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-34062
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,8/TemporalScore:4,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-34062
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python-tqdm (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
4.63.1-3 Unknown None
CBL Mariner 2.0 x64 python-tqdm (CBL-Mariner) Unknown Unknown None Base: 4,8
Temporal: 4,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
4.63.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-34062 None

CVE-2024-35195 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35195
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,6/TemporalScore:5,6
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35195
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM python-requests (CBL-Mariner) Unknown Unknown None Base: 5,6
Temporal: 5,6
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
2.27.1-7 Unknown None
CBL Mariner 2.0 x64 python-requests (CBL-Mariner) Unknown Unknown None Base: 5,6
Temporal: 5,6
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
2.27.1-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35195 None

CVE-2024-35176 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-35176
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-35176
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM rubygem-rexml (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.2.8-1 Unknown None
Azure Linux 3.0 x64 rubygem-rexml (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.2.8-1 Unknown None
CBL Mariner 2.0 ARM ruby (CBL-Mariner)
rubygem-rexml (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.1.4-6
3.2.7-1
None
CBL Mariner 2.0 x64 ruby (CBL-Mariner)
rubygem-rexml (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.1.4-6
3.2.7-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-35176 None

CVE-2024-38428 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-38428
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-38428
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM wget (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.21.2-3 Unknown None
CBL Mariner 2.0 x64 wget (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.21.2-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-38428 None

CVE-2024-3817 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3817
MITRE
NVD

Issuing CNA: security@hashicorp.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    22/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3817
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM terraform (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.3.2-14 Unknown None
CBL Mariner 2.0 x64 terraform (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.3.2-14 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3817 None

CVE-2024-4068 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4068
MITRE
NVD

Issuing CNA: oss-report@checkmarx.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4068
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM reaper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1.1-9 Unknown None
CBL Mariner 2.0 x64 reaper (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1.1-9 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4068 None

CVE-2024-4418 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4418
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,2/TemporalScore:6,2
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4418
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
CBL Mariner 2.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.10.0-10 Unknown None
CBL Mariner 2.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 6,2
Temporal: 6,2
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.10.0-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4418 None

CVE-2024-4317 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4317
MITRE
NVD

Issuing CNA: cna@postgresql.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,1/TemporalScore:3,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4317
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM postgresql (CBL-Mariner) Unknown Unknown None Base: 3,1
Temporal: 3,1
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
16.3-1 Unknown None
Azure Linux 3.0 x64 postgresql (CBL-Mariner) Unknown Unknown None Base: 3,1
Temporal: 3,1
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
16.3-1 Unknown None
CBL Mariner 2.0 ARM postgresql (CBL-Mariner) Unknown Unknown None Base: 3,1
Temporal: 3,1
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
14.12-1 Unknown None
CBL Mariner 2.0 x64 postgresql (CBL-Mariner) Unknown Unknown None Base: 3,1
Temporal: 3,1
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
14.12-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4317 None

CVE-2024-4577 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4577
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4577
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3.8-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3.8-1 Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1.29-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1.29-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4577 None

CVE-2024-5564 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-5564
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-5564
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libndp (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.8-2 Unknown None
Azure Linux 3.0 x64 libndp (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.8-2 Unknown None
CBL Mariner 2.0 ARM libndp (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.8-2 Unknown None
CBL Mariner 2.0 x64 libndp (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1.8-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-5564 None

CVE-2024-5458 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-5458
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-5458
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.3.8-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.3.8-1 Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.1.29-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8.1.29-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-5458 None

CVE-2024-5585 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-5585
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-5585
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3.8-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.3.8-1 Unknown None
CBL Mariner 2.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1.29-1 Unknown None
CBL Mariner 2.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.1.29-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-5585 None

CVE-2007-2768 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2007-2768
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added openssh to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2007-2768
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
9.5p1-2 Unknown None
Azure Linux 3.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
9.5p1-2 Unknown None
CBL Mariner 1.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
8.5p1-3 Unknown None
CBL Mariner 1.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
8.5p1-3 Unknown None
CBL Mariner 2.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
8.8p1-2 Unknown None
CBL Mariner 2.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
8.8p1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2007-2768 None

CVE-2010-2891 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2010-2891
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2010-2891
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libsmi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
0.4.8-28 Unknown None
Azure Linux 3.0 x64 libsmi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
0.4.8-28 Unknown None
CBL Mariner 2.0 ARM libsmi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
0.4.8-27 Unknown None
CBL Mariner 2.0 x64 libsmi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
0.4.8-27 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2010-2891 None

CVE-2013-2094 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2013-2094
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2013-2094
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.153.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.153.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2013-2094 None

CVE-2012-6687 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2012-6687
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added fcgi to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2012-6687
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM fcgi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.0-7 Unknown None
Azure Linux 3.0 x64 fcgi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.0-7 Unknown None
CBL Mariner 1.0 ARM fcgi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.0-7 Unknown None
CBL Mariner 1.0 x64 fcgi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.0-7 Unknown None
CBL Mariner 2.0 ARM fcgi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.0-7 Unknown None
CBL Mariner 2.0 x64 fcgi (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.4.0-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2012-6687 None

CVE-2013-4420 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2013-4420
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added libtar to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2013-4420
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.2.20-11 Unknown None
Azure Linux 3.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.2.20-11 Unknown None
CBL Mariner 1.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.2.20-8 Unknown None
CBL Mariner 1.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.2.20-8 Unknown None
CBL Mariner 2.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.2.20-8 Unknown None
CBL Mariner 2.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.2.20-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2013-4420 None

CVE-2013-4342 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2013-4342
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    20/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2013-4342
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM xinetd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.3.15-14 Unknown None
Azure Linux 3.0 x64 xinetd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.3.15-14 Unknown None
CBL Mariner 1.0 ARM xinetd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.3.15-13 Unknown None
CBL Mariner 1.0 x64 xinetd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.3.15-13 Unknown None
CBL Mariner 2.0 ARM xinetd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.3.15-14 Unknown None
CBL Mariner 2.0 x64 xinetd (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.3.15-14 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2013-4342 None

CVE-2014-3185 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-3185
MITRE
NVD

Issuing CNA: chrome-cve-admin@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-3185
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.153.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.153.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-3185 None

CVE-2014-8139 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-8139
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-8139
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-8139 None

CVE-2014-0069 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-0069
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-0069
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.148.2-2 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.148.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-0069 None

CVE-2014-8140 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-8140
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-8140
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-8140 None

CVE-2014-8141 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-8141
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-8141
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-8141 None

CVE-2015-2987 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2015-2987
MITRE
NVD

Issuing CNA: vultures@jpcert.or.jp

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added ed to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2015-2987
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ed (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.20-1 Unknown None
Azure Linux 3.0 x64 ed (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.20-1 Unknown None
CBL Mariner 1.0 ARM ed (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.2-8 Unknown None
CBL Mariner 1.0 x64 ed (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.2-8 Unknown None
CBL Mariner 2.0 ARM ed (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.2-9 Unknown None
CBL Mariner 2.0 x64 ed (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.2-9 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2015-2987 None

CVE-2014-9913 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2014-9913
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4/TemporalScore:4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2014-9913
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-15 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-15 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2014-9913 None

CVE-2015-5157 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2015-5157
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2015-5157
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.153.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
5.15.153.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2015-5157 None

CVE-2015-7696 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2015-7696
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2015-7696
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-15 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-15 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2015-7696 None

CVE-2015-7697 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2015-7697
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2015-7697
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-15 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-15 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2015-7697 None

CVE-2016-9296 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2016-9296
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2016-9296
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM p7zip (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
16.02-23 Unknown None
Azure Linux 3.0 x64 p7zip (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
16.02-23 Unknown None
CBL Mariner 1.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 1.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 ARM p7zip (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
16.02-22 Unknown None
CBL Mariner 2.0 x64 p7zip (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
16.02-22 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2016-9296 None

CVE-2016-9844 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2016-9844
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4/TemporalScore:4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2016-9844
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-15 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-15 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 4
Temporal: 4
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2016-9844 None

CVE-2017-3604 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3604
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3604
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3604 None

CVE-2017-17969 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-17969
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-17969
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-23 Unknown None
Azure Linux 3.0 x64 p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-23 Unknown None
CBL Mariner 1.0 ARM Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 1.0 x64 Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 2.0 ARM p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-22 Unknown None
CBL Mariner 2.0 x64 p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-22 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-17969 None

CVE-2017-3608 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3608
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3608
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3608 None

CVE-2017-3607 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3607
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3607
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3607 None

CVE-2017-3606 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3606
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3606
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3606 None

CVE-2017-3610 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3610
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3610
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3610 None

CVE-2017-3609 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3609
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3609
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3609 None

CVE-2017-3612 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3612
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3612
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3612 None

CVE-2017-3614 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3614
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3614
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3614 None

CVE-2017-3613 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3613
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3613
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3613 None

CVE-2017-3616 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3616
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3616
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3616 None

CVE-2017-3615 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-3615
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-3615
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-3615 None

CVE-2018-1000097 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-1000097
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-1000097
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM sharutils (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.15.2-21 Unknown None
Azure Linux 3.0 x64 sharutils (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.15.2-21 Unknown None
CBL Mariner 2.0 ARM sharutils (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.15.2-20 Unknown None
CBL Mariner 2.0 x64 sharutils (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
4.15.2-20 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-1000097 None

CVE-2018-1000035 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-1000035
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-1000035
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-16 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-1000035 None

CVE-2018-1129 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-1129
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-1129
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-1129 None

CVE-2018-10906 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-10906
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added fuse to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-10906
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM fuse (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.9.7-10 Unknown None
Azure Linux 3.0 x64 fuse (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.9.7-10 Unknown None
CBL Mariner 1.0 ARM fuse (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.9.7-7 Unknown None
CBL Mariner 1.0 x64 fuse (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.9.7-7 Unknown None
CBL Mariner 2.0 ARM fuse (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.9.7-10 Unknown None
CBL Mariner 2.0 x64 fuse (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.9.7-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-10906 None

CVE-2018-1000156 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-1000156
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added patch to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-1000156
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-9 Unknown None
Azure Linux 3.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-9 Unknown None
CBL Mariner 1.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 1.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-1000156 None

CVE-2018-1999023 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-1999023
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-1999023
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-1999023 None

CVE-2018-18384 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-18384
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-18384
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.0-15 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.0-15 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-18384 None

CVE-2018-20505 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-20505
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-20505
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-20505 None

CVE-2018-20346 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-20346
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-20346
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-20346 None

CVE-2018-20169 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-20169
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,8/TemporalScore:6,8
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-20169
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 6,8
Temporal: 6,8
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 6,8
Temporal: 6,8
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 6,8
Temporal: 6,8
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.15.148.2-2 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 6,8
Temporal: 6,8
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.15.148.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-20169 None

CVE-2018-20506 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-20506
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-20506
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-20506 None

CVE-2018-20969 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-20969
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added patch to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-20969
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-9 Unknown None
Azure Linux 3.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-9 Unknown None
CBL Mariner 1.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 1.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-20969 None

CVE-2018-25032 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-25032
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/03/2022    

Information published.


2.0    17/09/2022    

Added mariadb to CBL-Mariner 1.0 Added python3 to CBL-Mariner 1.0


3.0    17/04/2023    

Added tcl to CBL-Mariner 1.0


4.0    18/04/2023    

Added boost to CBL-Mariner 2.0


5.0    19/04/2023    

Added nmap to CBL-Mariner 2.0 Added tcl to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-25032
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
grpc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
1.62.0-2
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
grpc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
1.62.0-2
None
CBL Mariner 1.0 ARM boost (CBL-Mariner)
erlang (CBL-Mariner)
mariadb (CBL-Mariner)
nmap (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.66.0-4
24.2-2
10.3.36-1
7.90-4
None
CBL Mariner 1.0 x64 boost (CBL-Mariner)
erlang (CBL-Mariner)
mariadb (CBL-Mariner)
nmap (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.66.0-4
24.2-2
10.3.36-1
7.90-4
None
CBL Mariner 2.0 ARM boost (CBL-Mariner)
nmap (CBL-Mariner)
qt5-qtbase (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.76.0-3
7.93-1
5.15.9-1
1.72.0-2
None
CBL Mariner 2.0 x64 boost (CBL-Mariner)
nmap (CBL-Mariner)
qt5-qtbase (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.76.0-3
7.93-1
5.15.9-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-25032 None

CVE-2018-6951 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-6951
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added patch to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-6951
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-9 Unknown None
Azure Linux 3.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-9 Unknown None
CBL Mariner 1.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None
CBL Mariner 1.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.7.6-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-6951 None

CVE-2018-5996 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2018-5996
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2018-5996
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-23 Unknown None
Azure Linux 3.0 x64 p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-23 Unknown None
CBL Mariner 1.0 ARM Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 1.0 x64 Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Unknown Unknown None
CBL Mariner 2.0 ARM p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-22 Unknown None
CBL Mariner 2.0 x64 p7zip (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
16.02-22 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2018-5996 None

CVE-2019-11835 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-11835
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-11835
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libglvnd (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.7.0-2 Unknown None
Azure Linux 3.0 x64 libglvnd (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.7.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-11835 None

CVE-2019-11834 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-11834
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-11834
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libglvnd (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.7.0-2 Unknown None
Azure Linux 3.0 x64 libglvnd (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.7.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-11834 None

CVE-2019-13232 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-13232
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,3/TemporalScore:3,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added unzip to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-13232
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.0-20 Unknown None
Azure Linux 3.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.0-20 Unknown None
CBL Mariner 1.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.0-18 Unknown None
CBL Mariner 1.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.0-18 Unknown None
CBL Mariner 2.0 ARM unzip (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.0-19 Unknown None
CBL Mariner 2.0 x64 unzip (CBL-Mariner) Unknown Unknown None Base: 3,3
Temporal: 3,3
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
6.0-19 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-13232 None

CVE-2019-13636 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-13636
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added patch to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-13636
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.7.6-9 Unknown None
Azure Linux 3.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.7.6-9 Unknown None
CBL Mariner 1.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.7.6-7 Unknown None
CBL Mariner 1.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.7.6-7 Unknown None
CBL Mariner 2.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.7.6-7 Unknown None
CBL Mariner 2.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.7.6-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-13636 None

CVE-2019-13638 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-13638
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added patch to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-13638
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-9 Unknown None
Azure Linux 3.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-9 Unknown None
CBL Mariner 1.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 1.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 ARM patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None
CBL Mariner 2.0 x64 patch (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.7.6-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-13638 None

CVE-2019-19391 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-19391
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-19391
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM sysbench (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1.0.20-3 Unknown None
Azure Linux 3.0 x64 sysbench (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1.0.20-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-19391 None

CVE-2019-16168 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-16168
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-16168
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-16168 None

CVE-2019-19645 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-19645
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-19645
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-19645 None

CVE-2019-19646 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-19646
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-19646
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-19646 None

CVE-2019-20503 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-20503
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/06/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-20503
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM usrsctp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.9.5.0-1 Unknown None
Azure Linux 3.0 x64 usrsctp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.9.5.0-1 Unknown None
CBL Mariner 2.0 ARM usrsctp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.9.5.0-1 Unknown None
CBL Mariner 2.0 x64 usrsctp (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.9.5.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-20503 None

CVE-2019-3016 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-3016
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,7/TemporalScore:4,7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added kernel to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-3016
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
6.6.29.1-4 Unknown None
CBL Mariner 1.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.10.60.1-1 Unknown None
CBL Mariner 1.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.10.60.1-1 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.10.78.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,7
Temporal: 4,7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
5.10.78.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-3016 None

CVE-2019-6293 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-6293
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


2.0    16/12/2021    

Added flex to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-6293
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM flex (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6.4-7 Unknown None
Azure Linux 3.0 x64 flex (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6.4-7 Unknown None
CBL Mariner 1.0 ARM flex (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6.4-6 Unknown None
CBL Mariner 1.0 x64 flex (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6.4-6 Unknown None
CBL Mariner 2.0 ARM flex (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6.4-7 Unknown None
CBL Mariner 2.0 x64 flex (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.6.4-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-6293 None

CVE-2019-8457 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-8457
MITRE
NVD

Issuing CNA: cve@checkpoint.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-8457
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-8457 None

CVE-2019-9741 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-9741
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,1/TemporalScore:6,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-9741
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2.16.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-9741 None

CVE-2019-6470 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-6470
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/09/2020    

Information published.


2.0    16/12/2021    

Added bind to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-6470
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.44-2 Unknown None
Azure Linux 3.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.44-2 Unknown None
CBL Mariner 1.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.15-1 Unknown None
CBL Mariner 1.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.15-1 Unknown None
CBL Mariner 2.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.15-3 Unknown None
CBL Mariner 2.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.15-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-6470 None

CVE-2020-13434 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-13434
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-13434
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-13434 None

CVE-2020-11656 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-11656
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-11656
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-11656 None

CVE-2020-13630 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-13630
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-13630
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-13630 None

CVE-2020-13435 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-13435
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-13435
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-13435 None

CVE-2020-13631 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-13631
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-13631
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-13631 None

CVE-2020-13632 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-13632
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-13632
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-13632 None

CVE-2020-15586 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-15586
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    18/08/2020    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-15586
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.2-1 Unknown None
CBL Mariner 1.0 ARM golang (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1.15.13-1 Unknown None
CBL Mariner 1.0 x64 golang (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1.15.13-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-15586 None

CVE-2020-18032 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-18032
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/09/2021    

Information published.


2.0    16/12/2021    

Added graphviz to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-18032
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM graphviz (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.42.4-10 Unknown None
Azure Linux 3.0 x64 graphviz (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.42.4-10 Unknown None
CBL Mariner 1.0 ARM graphviz (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.42.4-5 Unknown None
CBL Mariner 1.0 x64 graphviz (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.42.4-5 Unknown None
CBL Mariner 2.0 ARM graphviz (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.42.4-6 Unknown None
CBL Mariner 2.0 x64 graphviz (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2.42.4-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-18032 None

CVE-2020-24370 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-24370
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-24370
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM lua (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.4.6-1 Unknown None
Azure Linux 3.0 x64 lua (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.4.6-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-24370 None

CVE-2020-22217 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-22217
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    04/09/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-22217
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None
CBL Mariner 2.0 ARM python-gevent (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
21.1.2-1 Unknown None
CBL Mariner 2.0 x64 python-gevent (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
21.1.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-22217 None

CVE-2020-27815 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27815
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27815
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.135.1-2 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.135.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27815 None

CVE-2020-28366 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-28366
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/11/2020    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-28366
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None
CBL Mariner 1.0 ARM golang (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1.15.13-1 Unknown None
CBL Mariner 1.0 x64 golang (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1.15.13-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-28366 None

CVE-2020-27304 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-27304
MITRE
NVD

Issuing CNA: vuln@vdoo.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-27304
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-27304 None

CVE-2020-2981 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-2981
MITRE
NVD

Issuing CNA: secalert_us@oracle.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/07/2021    

Information published.


2.0    16/12/2021    

Added libdb to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-2981
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
Azure Linux 3.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 1.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 1.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-5 Unknown None
CBL Mariner 2.0 ARM libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None
CBL Mariner 2.0 x64 libdb (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
5.3.28-7 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-2981 None

CVE-2020-8554 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2020-8554
MITRE
NVD

Issuing CNA: security@kubernetes.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5/TemporalScore:5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2020-8554
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1.28.3-2 Unknown None
Azure Linux 3.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1.28.3-2 Unknown None
CBL Mariner 2.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1.28.3-1 Unknown None
CBL Mariner 2.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1.28.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2020-8554 None

CVE-2021-3115 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3115
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3115
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3115 None

CVE-2021-27378 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-27378
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-27378
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM librsvg2 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.58.1-1 Unknown None
Azure Linux 3.0 x64 librsvg2 (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.58.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-27378 None

CVE-2021-33391 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33391
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33391
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tidy (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8.0-6 Unknown None
Azure Linux 3.0 x64 tidy (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8.0-6 Unknown None
CBL Mariner 2.0 ARM tidy (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8.0-6 Unknown None
CBL Mariner 2.0 x64 tidy (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8.0-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33391 None

CVE-2021-33643 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33643
MITRE
NVD

Issuing CNA: securities@openeuler.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33643
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.2.20-11 Unknown None
Azure Linux 3.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.2.20-11 Unknown None
CBL Mariner 1.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 1.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.2.20-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33643 None

CVE-2021-33640 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33640
MITRE
NVD

Issuing CNA: securities@openeuler.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/01/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33640
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.20-11 Unknown None
Azure Linux 3.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.20-11 Unknown None
CBL Mariner 1.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.20-11 Unknown None
CBL Mariner 1.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.20-11 Unknown None
CBL Mariner 2.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.20-11 Unknown None
CBL Mariner 2.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.2.20-11 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33640 None

CVE-2021-33646 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33646
MITRE
NVD

Issuing CNA: securities@openeuler.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33646
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-11 Unknown None
Azure Linux 3.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-11 Unknown None
CBL Mariner 1.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 1.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33646 None

CVE-2021-33645 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-33645
MITRE
NVD

Issuing CNA: securities@openeuler.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-33645
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-11 Unknown None
Azure Linux 3.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-11 Unknown None
CBL Mariner 1.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 1.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 ARM libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None
CBL Mariner 2.0 x64 libtar (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.20-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-33645 None

CVE-2021-3502 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3502
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3502
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM avahi (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.8-1 Unknown None
Azure Linux 3.0 x64 avahi (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.8-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3502 None

CVE-2021-3468 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3468
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3468
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM avahi (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.8-1 Unknown None
Azure Linux 3.0 x64 avahi (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.8-1 Unknown None
CBL Mariner 2.0 ARM avahi (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.8-1 Unknown None
CBL Mariner 2.0 x64 avahi (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.8-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3468 None

CVE-2021-36373 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-36373
MITRE
NVD

Issuing CNA: security@apache.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/07/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-36373
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.14.0-2 Unknown None
Azure Linux 3.0 x64 javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.14.0-2 Unknown None
CBL Mariner 1.0 ARM ant (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.10.11-1 Unknown None
CBL Mariner 1.0 x64 ant (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.10.11-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-36373 None

CVE-2021-3696 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3696
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,5/TemporalScore:4,5
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3696
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3696 None

CVE-2021-3695 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3695
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,5/TemporalScore:4,5
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3695
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 4,5
Temporal: 4,5
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3695 None

CVE-2021-37501 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-37501
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-37501
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-13 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-13 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-13 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.12.1-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-37501 None

CVE-2021-3697 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-3697
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-3697
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-3697 None

CVE-2021-45985 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-45985
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2023    

Information published.


2.0    19/04/2023    

Added memcached to CBL-Mariner 2.0 Added ntopng to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-45985
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ntopng (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.2.1-2 Unknown None
Azure Linux 3.0 x64 ntopng (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.2.1-2 Unknown None
CBL Mariner 2.0 ARM lua (CBL-Mariner)
memcached (CBL-Mariner)
ntopng (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.4.3-5
1.6.13-3
5.2.1-2
None
CBL Mariner 2.0 x64 lua (CBL-Mariner)
memcached (CBL-Mariner)
ntopng (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.4.3-5
1.6.13-3
5.2.1-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-45985 None

CVE-2021-44716 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2021-44716
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/01/2022    

Information published.


2.0    08/11/2023    

Added kured to CBL-Mariner 2.0


3.0    24/01/2024    

Added flannel to CBL-Mariner 2.0 Added kube-vip-cloud-provider to CBL-Mariner 2.0 Added libcontainers-common to CBL-Mariner 2.0 Added local-path-provisioner to CBL-Mariner 2.0


4.0    11/04/2024    

Added cri-o to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2021-44716
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keda (CBL-Mariner)
moby-engine (CBL-Mariner)
node-problem-detector (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.14.0-1
25.0.3-1
0.8.15-1
None
Azure Linux 3.0 x64 keda (CBL-Mariner)
moby-engine (CBL-Mariner)
node-problem-detector (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.14.0-1
25.0.3-1
0.8.15-1
None
CBL Mariner 1.0 ARM golang (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.16.12-1 Unknown None
CBL Mariner 1.0 x64 golang (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.16.12-1 Unknown None
CBL Mariner 2.0 ARM application-gateway-kubernetes-ingress (CBL-Mariner)
cf-cli (CBL-Mariner)
cri-o (CBL-Mariner)
csi-driver-lvm (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.4.0-19
8.4.0-16
1.21.7-2
0.4.1-15
None
CBL Mariner 2.0 x64 application-gateway-kubernetes-ingress (CBL-Mariner)
cf-cli (CBL-Mariner)
cri-o (CBL-Mariner)
csi-driver-lvm (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.4.0-19
8.4.0-16
1.21.7-2
0.4.1-15
None

Acknowledgements

CVE ID Acknowledgements
CVE-2021-44716 None

CVE-2022-0135 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-0135
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/08/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-0135
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM virglrenderer (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.9.1-3 Unknown None
Azure Linux 3.0 x64 virglrenderer (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.9.1-3 Unknown None
CBL Mariner 2.0 ARM virglrenderer (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.9.1-2 Unknown None
CBL Mariner 2.0 x64 virglrenderer (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.9.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-0135 None

CVE-2022-0175 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-0175
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/09/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-0175
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM virglrenderer (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.9.1-3 Unknown None
Azure Linux 3.0 x64 virglrenderer (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.9.1-3 Unknown None
CBL Mariner 2.0 ARM virglrenderer (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.9.1-3 Unknown None
CBL Mariner 2.0 x64 virglrenderer (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
0.9.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-0175 None

CVE-2022-1941 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-1941
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-1941
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner)
keras (CBL-Mariner)
protobuf (CBL-Mariner)
python-tensorboard (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2
3.1.1-1
25.3-1
2.16.2-1
None
Azure Linux 3.0 x64 grpc (CBL-Mariner)
keras (CBL-Mariner)
protobuf (CBL-Mariner)
python-tensorboard (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2
3.1.1-1
25.3-1
2.16.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-1941 None

CVE-2022-1292 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-1292
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/05/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-1292
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-2 Unknown None
Azure Linux 3.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-2 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.1k-10 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.1k-10 Unknown None
CBL Mariner 2.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.1k-15 Unknown None
CBL Mariner 2.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.1k-15 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-1292 None

CVE-2022-1996 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-1996
MITRE
NVD

Issuing CNA: security@huntr.dev

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-1996
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM sriov-network-device-plugin (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.7.0-1 Unknown None
Azure Linux 3.0 x64 sriov-network-device-plugin (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.7.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-1996 None

CVE-2022-2097 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-2097
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/07/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-2097
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.0.1-2 Unknown None
Azure Linux 3.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.0.1-2 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.1.1k-12 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.1.1k-12 Unknown None
CBL Mariner 2.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.1.1k-20 Unknown None
CBL Mariner 2.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1.1.1k-20 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-2097 None

CVE-2022-21698 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-21698
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/11/2023    

Information published.


2.0    24/01/2024    

Added application-gateway-kubernetes-ingress to CBL-Mariner 2.0 Added kube-vip-cloud-provider to CBL-Mariner 2.0 Added local-path-provisioner to CBL-Mariner 2.0 Added moby-buildx to CBL-Mariner 2.0


3.0    11/04/2024    

Added cri-o to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-21698
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keda (CBL-Mariner)
moby-engine (CBL-Mariner)
node-problem-detector (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.14.0-1
25.0.3-1
0.8.15-1
None
Azure Linux 3.0 x64 keda (CBL-Mariner)
moby-engine (CBL-Mariner)
node-problem-detector (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.14.0-1
25.0.3-1
0.8.15-1
None
CBL Mariner 2.0 ARM application-gateway-kubernetes-ingress (CBL-Mariner)
cri-o (CBL-Mariner)
kube-vip-cloud-provider (CBL-Mariner)
kured (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.4.0-17
1.21.7-2
0.0.2-14
1.13.2-1
None
CBL Mariner 2.0 x64 application-gateway-kubernetes-ingress (CBL-Mariner)
cri-o (CBL-Mariner)
kube-vip-cloud-provider (CBL-Mariner)
kured (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.4.0-17
1.21.7-2
0.0.2-14
1.13.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-21698 None

CVE-2022-24713 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-24713
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-24713
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM librsvg2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.58.1-1 Unknown None
Azure Linux 3.0 x64 librsvg2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.58.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-24713 None

CVE-2022-2601 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-2601
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,6/TemporalScore:8,6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/12/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-2601
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.06-14 Unknown None
CBL Mariner 1.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.06~rc1-9 Unknown None
CBL Mariner 1.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.06~rc1-9 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.06-8 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 8,6
Temporal: 8,6
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2.06-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-2601 None

CVE-2022-28391 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-28391
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/04/2022    

Information published.


2.0    14/04/2022    

Added busybox to CBL-Mariner 1.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-28391
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM busybox (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.36.1-3 Unknown None
Azure Linux 3.0 x64 busybox (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.36.1-3 Unknown None
CBL Mariner 1.0 ARM busybox (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.34.1-2 Unknown None
CBL Mariner 1.0 x64 busybox (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.34.1-2 Unknown None
CBL Mariner 2.0 ARM busybox (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.35.0-2 Unknown None
CBL Mariner 2.0 x64 busybox (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.35.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-28391 None

CVE-2022-28734 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-28734
MITRE
NVD

Issuing CNA: security@ubuntu.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-28734
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-28734 None

CVE-2022-28733 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-28733
MITRE
NVD

Issuing CNA: security@ubuntu.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-28733
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-28733 None

CVE-2022-2879 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-2879
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/10/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-2879
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ig (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.29.0-1 Unknown None
Azure Linux 3.0 x64 ig (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.29.0-1 Unknown None
CBL Mariner 2.0 ARM golang (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.21.6-1 Unknown None
CBL Mariner 2.0 x64 golang (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.21.6-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-2879 None

CVE-2022-28736 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-28736
MITRE
NVD

Issuing CNA: security@ubuntu.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-28736
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-14 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-28736 None

CVE-2022-28805 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-28805
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    15/04/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-28805
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ntopng (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
5.2.1-3 Unknown None
Azure Linux 3.0 x64 ntopng (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
5.2.1-3 Unknown None
CBL Mariner 1.0 ARM lua (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
5.3.5-9 Unknown None
CBL Mariner 1.0 x64 lua (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
5.3.5-9 Unknown None
CBL Mariner 2.0 ARM lua (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
5.4.3-2 Unknown None
CBL Mariner 2.0 x64 lua (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
5.4.3-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-28805 None

CVE-2022-31394 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-31394
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-31394
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2022.1-7 Unknown None
Azure Linux 3.0 x64 rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2022.1-7 Unknown None
CBL Mariner 2.0 ARM rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2022.1-4 Unknown None
CBL Mariner 2.0 x64 rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2022.1-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-31394 None

CVE-2022-29526 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-29526
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/11/2023    

Information published.


2.0    24/01/2024    

Added nmi to CBL-Mariner 2.0 Added sriov-network-device-plugin to CBL-Mariner 2.0


3.0    11/04/2024    

Added cri-o to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-29526
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keda (CBL-Mariner)
moby-engine (CBL-Mariner)
node-problem-detector (CBL-Mariner)
prometheus (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2.14.0-1
25.0.3-1
0.8.15-1
2.45.4-1
None
Azure Linux 3.0 x64 keda (CBL-Mariner)
moby-engine (CBL-Mariner)
node-problem-detector (CBL-Mariner)
prometheus (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2.14.0-1
25.0.3-1
0.8.15-1
2.45.4-1
None
CBL Mariner 2.0 ARM azcopy (CBL-Mariner)
cri-o (CBL-Mariner)
git-lfs (CBL-Mariner)
kata-containers (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
10.24.0-1
1.21.7-2
3.4.1-1
3.2.0.azl2-1
None
CBL Mariner 2.0 x64 azcopy (CBL-Mariner)
cri-o (CBL-Mariner)
git-lfs (CBL-Mariner)
kata-containers (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
10.24.0-1
1.21.7-2
3.4.1-1
3.2.0.azl2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-29526 None

CVE-2022-32221 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-32221
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-32221
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-32221 None

CVE-2022-32149 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-32149
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/11/2023    

Information published.


2.0    24/01/2024    

Added sriov-network-device-plugin to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-32149
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM keda (CBL-Mariner)
kubevirt (CBL-Mariner)
node-problem-detector (CBL-Mariner)
sriov-network-device-plugin (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.14.0-1
1.2.0-1
0.8.15-1
3.7.0-1
None
Azure Linux 3.0 x64 keda (CBL-Mariner)
kubevirt (CBL-Mariner)
node-problem-detector (CBL-Mariner)
sriov-network-device-plugin (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.14.0-1
1.2.0-1
0.8.15-1
3.7.0-1
None
CBL Mariner 2.0 ARM git-lfs (CBL-Mariner)
kured (CBL-Mariner)
node-problem-detector (CBL-Mariner)
sriov-network-device-plugin (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.4.1-1
1.13.2-1
0.8.17-2
3.6.2-2
None
CBL Mariner 2.0 x64 git-lfs (CBL-Mariner)
kured (CBL-Mariner)
node-problem-detector (CBL-Mariner)
sriov-network-device-plugin (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.4.1-1
1.13.2-1
0.8.17-2
3.6.2-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-32149 None

CVE-2022-33064 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-33064
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-33064
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libsndfile (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.2.2-1 Unknown None
Azure Linux 3.0 x64 libsndfile (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1.2.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-33064 None

CVE-2022-34038 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-34038
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/08/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-34038
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM etcd (CBL-Mariner)
kubernetes (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1
1.29.1-2
None
Azure Linux 3.0 x64 etcd (CBL-Mariner)
kubernetes (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1
1.29.1-2
None
CBL Mariner 2.0 ARM etcd (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1 Unknown None
CBL Mariner 2.0 x64 etcd (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-34038 None

CVE-2022-36763 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-36763
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-36763
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-36763 None

CVE-2022-3650 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3650
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3650
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
18.2.1-1 Unknown None
CBL Mariner 2.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
16.2.10-4 Unknown None
CBL Mariner 2.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
16.2.10-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3650 None

CVE-2022-3563 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3563
MITRE
NVD

Issuing CNA: cna@vuldb.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,7/TemporalScore:5,7
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/09/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3563
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bluez (CBL-Mariner) Unknown Unknown None Base: 5,7
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.63-4 Unknown None
Azure Linux 3.0 x64 bluez (CBL-Mariner) Unknown Unknown None Base: 5,7
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.63-4 Unknown None
CBL Mariner 2.0 ARM bluez (CBL-Mariner) Unknown Unknown None Base: 5,7
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.63-4 Unknown None
CBL Mariner 2.0 x64 bluez (CBL-Mariner) Unknown Unknown None Base: 5,7
Temporal: 5,7
Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.63-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3563 None

CVE-2022-36764 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-36764
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-36764
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-36764 None

CVE-2022-36765 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-36765
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-36765
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-36765 None

CVE-2022-37616 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-37616
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-37616
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-37616 None

CVE-2022-3775 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3775
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/12/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3775
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
2.06-14 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
2.06-14 Unknown None
CBL Mariner 1.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
2.06~rc1-10 Unknown None
CBL Mariner 1.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
2.06~rc1-10 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
2.06-10 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
2.06-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3775 None

CVE-2022-3821 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3821
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/11/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3821
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM systemd-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-17 Unknown None
Azure Linux 3.0 x64 systemd-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-17 Unknown None
CBL Mariner 1.0 ARM systemd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
239-43 Unknown None
CBL Mariner 1.0 x64 systemd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
239-43 Unknown None
CBL Mariner 2.0 ARM systemd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-10 Unknown None
CBL Mariner 2.0 x64 systemd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3821 None

CVE-2022-3857 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3857
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3857
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3857 None

CVE-2022-3854 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-3854
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-3854
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
Azure Linux 3.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
18.2.1-1 Unknown None
CBL Mariner 2.0 ARM ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
16.2.10-4 Unknown None
CBL Mariner 2.0 x64 ceph (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
16.2.10-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-3854 None

CVE-2022-40320 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-40320
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/09/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-40320
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libconfuse (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.3-2 Unknown None
Azure Linux 3.0 x64 libconfuse (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.3-2 Unknown None
CBL Mariner 1.0 ARM libconfuse (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.3-2 Unknown None
CBL Mariner 1.0 x64 libconfuse (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.3-2 Unknown None
CBL Mariner 2.0 ARM libconfuse (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.3-2 Unknown None
CBL Mariner 2.0 x64 libconfuse (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.3-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-40320 None

CVE-2022-41717 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41717
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/12/2022    

Information published.


2.0    24/01/2024    

Added sriov-network-device-plugin to CBL-Mariner 2.0


3.0    12/02/2024    

Added nmi to CBL-Mariner 2.0


4.0    11/04/2024    

Added cri-o to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41717
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM moby-engine (CBL-Mariner)
prometheus (CBL-Mariner)
sriov-network-device-plugin (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
25.0.3-1
2.45.4-1
3.7.0-1
None
Azure Linux 3.0 x64 moby-engine (CBL-Mariner)
prometheus (CBL-Mariner)
sriov-network-device-plugin (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
25.0.3-1
2.45.4-1
3.7.0-1
None
CBL Mariner 1.0 ARM golang (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.18.8-2 Unknown None
CBL Mariner 1.0 x64 golang (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.18.8-2 Unknown None
CBL Mariner 2.0 ARM azcopy (CBL-Mariner)
cri-o (CBL-Mariner)
golang (CBL-Mariner)
moby-cli (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
10.24.0-1
1.22.3-1
1.18.8-2
24.0.9-1
None
CBL Mariner 2.0 x64 azcopy (CBL-Mariner)
cri-o (CBL-Mariner)
golang (CBL-Mariner)
moby-cli (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
10.24.0-1
1.22.3-1
1.18.8-2
24.0.9-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41717 None

CVE-2022-41723 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-41723
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/03/2023    

Information published.


1.0    05/04/2023    

Information published.


2.0    17/05/2023    

Added kubevirt to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-41723
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubevirt (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.0-1 Unknown None
Azure Linux 3.0 x64 kubevirt (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.2.0-1 Unknown None
CBL Mariner 2.0 ARM golang (CBL-Mariner)
kubevirt (CBL-Mariner)
skopeo (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.21.6-1
0.59.0-15
1.12.0-3
1.26.0-2
None
CBL Mariner 2.0 x64 golang (CBL-Mariner)
kubevirt (CBL-Mariner)
skopeo (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.21.6-1
0.59.0-15
1.12.0-3
1.26.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-41723 None

CVE-2022-42915 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-42915
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,1/TemporalScore:8,1
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/11/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-42915
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.86.0-1 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.86.0-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.86.0-1 Unknown None
CBL Mariner 2.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 8,1
Temporal: 8,1
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.86.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-42915 None

CVE-2022-43551 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-43551
MITRE
NVD

Issuing CNA: cve-assignments@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/01/2023    

Information published.


2.0    12/01/2023    

Added cmake to CBL-Mariner 1.0 Added cmake to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-43551
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.21.4-10
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.21.4-10
2.16.1-1
None
CBL Mariner 1.0 ARM cmake (CBL-Mariner)
curl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.21.4-3
7.86.0-2
None
CBL Mariner 1.0 x64 cmake (CBL-Mariner)
curl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.21.4-3
7.86.0-2
None
CBL Mariner 2.0 ARM cmake (CBL-Mariner)
curl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.21.4-3
7.86.0-2
None
CBL Mariner 2.0 x64 cmake (CBL-Mariner)
curl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.21.4-3
7.86.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-43551 None

CVE-2022-4304 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-4304
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/02/2023    

Information published.


2.0    14/02/2023    

Added openssl to CBL-Mariner 1.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-4304
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1.1.1k-13 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1.1.1k-13 Unknown None
CBL Mariner 2.0 ARM cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None
CBL Mariner 2.0 x64 cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-4304 None

CVE-2022-4450 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-4450
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/02/2023    

Information published.


1.0    14/02/2023    

Information published.


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-4450
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-13 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-13 Unknown None
CBL Mariner 2.0 ARM cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None
CBL Mariner 2.0 x64 cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-4450 None

CVE-2022-4415 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-4415
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/01/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-4415
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM systemd-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
250.3-15 Unknown None
Azure Linux 3.0 x64 systemd-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
250.3-15 Unknown None
CBL Mariner 2.0 ARM systemd (CBL-Mariner)
systemd-bootstrap (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
250.3-13
250.3-12
None
CBL Mariner 2.0 x64 systemd (CBL-Mariner)
systemd-bootstrap (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
250.3-13
250.3-12
None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-4415 None

CVE-2022-43552 - Open Source Curl Remote Code Execution Vulnerability

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-43552
MITRE
NVD

Issuing CNA: HackerOne

CVE Title: Open Source Curl Remote Code Execution Vulnerability
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:

What is the curl open-source project?

Curl is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client for URL". The Windows implementation provides access to the command-line tool, not the library.

What version of curl addresses this CVE?

Curl version 7.87.0 addresses this vulnerability.

Where can I find more information about this curl vulnerability?

More information can be found at NVD and curl.se

Are there any workarounds that can be implemented?

Preventing the execution of curl.exe is a workaround to be considered

Use a WDAC policy to deny execution of the \system32\curl.exe executable. You can merge the deny into an existing policy or create a new policy with it using the Merge-CIPolicy cmdlet; Merge-CIPolicy (ConfigCI) | Microsoft Learn. Once the policy XML file with the deny has been created or merged with an existing policy it must be deployed.

Choose how to deploy the policy; Deploying Windows Defender Application Control (WDAC) policies | Microsoft Learn

For example:

Create a new policy: (These steps will create a new policy named Deny-Curl.xml by merging the deny using the example policy named AllowAll.xml)

$rule = new-cipolicyrule -DriverFilePath "$env:systemroot\system32\curl.exe" -Level FilePublisher -Deny
$rule[0].attributes["MinimumFileVersion"] = "0.0.0.0"
$rule[0].attributes["MaximumFileVersion"] = "7.87.0.0"

merge-cipolicy "$env:systemroot\schemas\CodeIntegrity\ExamplePolicies\AllowAll.xml" -Rules $rule -OutputFilePath "Deny-Curl.xml"

Merge into an existing policy

$rule = new-cipolicyrule -DriverFilePath "$env:systemroot\system32\curl.exe" -Level FilePublisher -Deny
$rule[0].attributes["MinimumFileVersion"] = "0.0.0.0"
$rule[0].attributes["MaximumFileVersion"] = "7.87.0.0"

merge-cipolicy "existing_policy.xml" -Rules $rule -OutputFilePath "existing_policy.xml"

How to undo this workaround?

Guidance for how to remove WDAC policies can be found in the following documentation: Remove Windows Defender Application Control (WDAC) policies


Mitigations:
None
Workarounds:
None
Revision:
1.0    10/02/2023    

Information published.


1.1    14/03/2023    

CVE updated to add Windows software as Microsoft is aware that certain versions of Windows are affected by the cURL vulnerability. Microsoft will incorporate the new cURL Open Source library that addresses this issue in an upcoming security release.


2.0    11/04/2023    

Microsoft is announcing the availability of the April 2023 security updates to address this vulnerability for all supported versions of Windows 10 version 1809, Windows 10 version 20H2, Windows 10 version 21H2, Windows 10 version 22H2, Windows 11 version 21H2, Windows 11 version 22H2, Windows Server 2019, and Windows Server 2022. Microsoft strongly recommends that customers install the April 2023 updates to be fully protected from this vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.


2.1    12/04/2023    

Updated FAQ information. This is an informational change only.


1.0    02/07/2024    

Information published.


Important Remote Code Execution

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Yes No

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-43552
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.86.0-3 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.86.0-3 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.86.0-3
8.0.33-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.86.0-3
8.0.33-1
1.72.0-2
None
Windows 10 Version 1809 for 32-bit Systems 5025229 (Security Update) Important Remote Code Execution 5023702
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.17763.4252
Yes 5025229
Windows 10 Version 1809 for ARM64-based Systems 5025229 (Security Update) Important Remote Code Execution 5023702
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.17763.4252
Yes 5025229
Windows 10 Version 1809 for x64-based Systems 5025229 (Security Update) Important Remote Code Execution 5023702
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.17763.4252
Yes 5025229
Windows 10 Version 20H2 for 32-bit Systems 5025221 (Security Update) Important Remote Code Execution 5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.19042.2846
Yes 5025221
Windows 10 Version 20H2 for ARM64-based Systems 5025221 (Security Update) Important Remote Code Execution 5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.19042.2846
Yes 5025221
Windows 10 Version 21H2 for 32-bit Systems 5025221 (Security Update) Important Remote Code Execution
5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

10.0.19044.2846
Yes 5025221
Windows 10 Version 21H2 for ARM64-based Systems 5025221 (Security Update) Important Remote Code Execution
5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

10.0.19044.2846
Yes 5025221
Windows 10 Version 21H2 for x64-based Systems 5025221 (Security Update) Important Remote Code Execution
5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

10.0.19044.2846
Yes 5025221
Windows 10 Version 22H2 for 32-bit Systems 5025221 (Security Update) Important Remote Code Execution
5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

10.0.19045.2846
Yes 5025221
Windows 10 Version 22H2 for ARM64-based Systems 5025221 (Security Update) Important Remote Code Execution
5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

10.0.19045.2846
Yes 5025221
Windows 10 Version 22H2 for x64-based Systems 5025221 (Security Update) Important Remote Code Execution
5023696
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

10.0.19045.2846
Yes 5025221
Windows 11 version 21H2 for ARM64-based Systems 5025224 (Security Update) Important Remote Code Execution 5023698
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.22000.1817
Yes 5025224
Windows 11 version 21H2 for x64-based Systems 5025224 (Security Update) Important Remote Code Execution 5023698
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.22000.1817
Yes 5025224
Windows 11 Version 22H2 for ARM64-based Systems 5025239 (Security Update) Important Remote Code Execution 5023706
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.22621.1555
Yes 5025239
Windows 11 Version 22H2 for x64-based Systems 5025239 (Security Update) Important Remote Code Execution 5023706
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.22621.1555
Yes 5025239
Windows Server 2019 5025229 (Security Update) Important Remote Code Execution 5023702
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.17763.4252
Yes 5025229
Windows Server 2019 (Server Core installation) 5025229 (Security Update) Important Remote Code Execution 5023702
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.17763.4252
Yes 5025229
Windows Server 2022 5025230 (Security Update) Important Remote Code Execution 5023705
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.20348.1668
Yes 5025230
Windows Server 2022 (Server Core installation) 5025230 (Security Update) Important Remote Code Execution 5023705
Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0.20348.1668
Yes 5025230

Acknowledgements

CVE ID Acknowledgements
CVE-2022-43552 Stefan Kanthak


CVE-2022-45873 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-45873
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/12/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-45873
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM systemd-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-17 Unknown None
Azure Linux 3.0 x64 systemd-bootstrap (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-17 Unknown None
CBL Mariner 2.0 ARM systemd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-12 Unknown None
CBL Mariner 2.0 x64 systemd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
250.3-12 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-45873 None

CVE-2022-47085 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-47085
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-47085
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ostree (CBL-Mariner)
rpm-ostree (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2024.5-1
2022.1-7
None
Azure Linux 3.0 x64 ostree (CBL-Mariner)
rpm-ostree (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2024.5-1
2022.1-7
None
CBL Mariner 2.0 ARM rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2022.1-5 Unknown None
CBL Mariner 2.0 x64 rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2022.1-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-47085 None

CVE-2022-48579 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-48579
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/08/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-48579
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM clamav (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.105.2-4 Unknown None
Azure Linux 3.0 x64 clamav (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.105.2-4 Unknown None
CBL Mariner 2.0 ARM clamav (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.105.2-2 Unknown None
CBL Mariner 2.0 x64 clamav (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.105.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-48579 None

CVE-2022-48285 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-48285
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,3/TemporalScore:7,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-48285
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM mozjs (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
102.15.1-1 Unknown None
Azure Linux 3.0 x64 mozjs (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
102.15.1-1 Unknown None
CBL Mariner 1.0 ARM mozjs60 (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
60.9.0-13 Unknown None
CBL Mariner 1.0 x64 mozjs60 (CBL-Mariner) Unknown Unknown None Base: 7,3
Temporal: 7,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
60.9.0-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-48285 None

CVE-2023-0215 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-0215
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/02/2023    

Information published.


2.0    14/02/2023    

Added openssl to CBL-Mariner 2.0 Added openssl to CBL-Mariner 1.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-0215
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-13 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-13 Unknown None
CBL Mariner 2.0 ARM cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None
CBL Mariner 2.0 x64 cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-0215 None

CVE-2023-0464 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-0464
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/03/2023    

Information published.


2.0    24/04/2023    

Added nodejs18 to CBL-Mariner 2.0


3.0    11/10/2023    

Added edk2 to CBL-Mariner 2.0


4.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-0464
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-15 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.1.1k-15 Unknown None
CBL Mariner 2.0 ARM edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-34
1.0.1-3
18.17.1-2
1.1.1k-22
None
CBL Mariner 2.0 x64 edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-34
1.0.1-3
18.17.1-2
1.1.1k-22
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-0464 None

CVE-2023-0286 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-0286
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2023    

Information published.


2.0    28/02/2023    

Added cloud-hypervisor to CBL-Mariner 2.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-0286
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1.1.1k-13 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
1.1.1k-13 Unknown None
CBL Mariner 2.0 ARM cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None
CBL Mariner 2.0 x64 cloud-hypervisor (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
30.0-2
1.0.1-3
1.1.1k-21
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-0286 None

CVE-2023-0465 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-0465
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/04/2023    

Information published.


2.0    25/04/2023    

Added nodejs18 to CBL-Mariner 2.0


3.0    27/06/2023    

Added rust to CBL-Mariner 2.0


4.0    11/10/2023    

Added edk2 to CBL-Mariner 2.0


5.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-0465
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
20230301gitf80f052277c8-37 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
20230301gitf80f052277c8-37 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1.1.1k-15 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1.1.1k-15 Unknown None
CBL Mariner 2.0 ARM edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
20230301gitf80f052277c8-37
1.0.1-3
18.17.1-2
1.1.1k-23
None
CBL Mariner 2.0 x64 edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
nodejs18 (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
20230301gitf80f052277c8-37
1.0.1-3
18.17.1-2
1.1.1k-23
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-0465 None

CVE-2023-1393 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-1393
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-1393
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM xorg-x11-server (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.20.10-4 Unknown None
Azure Linux 3.0 x64 xorg-x11-server (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.20.10-4 Unknown None
CBL Mariner 2.0 ARM xorg-x11-server (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.20.10-4 Unknown None
CBL Mariner 2.0 x64 xorg-x11-server (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.20.10-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-1393 None

CVE-2023-23914 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-23914
MITRE
NVD

Issuing CNA: cve-assignments@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    24/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-23914
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.21.4-10
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.21.4-10
2.16.1-1
None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.88.1-1 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
7.88.1-1 Unknown None
CBL Mariner 2.0 ARM cmake (CBL-Mariner)
curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.21.4-6
7.88.1-1
8.0.33-1
1.72.0-2
None
CBL Mariner 2.0 x64 cmake (CBL-Mariner)
curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
3.21.4-6
7.88.1-1
8.0.33-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-23914 None

CVE-2023-2253 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2253
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/06/2023    

Information published.


1.0    08/06/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2253
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
25.0.3-1 Unknown None
Azure Linux 3.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
25.0.3-1 Unknown None
CBL Mariner 2.0 ARM helm (CBL-Mariner)
moby-cli (CBL-Mariner)
moby-compose (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
3.13.2-1
20.10.27-1
2.17.3-5
None
CBL Mariner 2.0 x64 helm (CBL-Mariner)
moby-cli (CBL-Mariner)
moby-compose (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
3.13.2-1
20.10.27-1
2.17.3-5
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2253 None

CVE-2023-22466 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-22466
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,4/TemporalScore:5,4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/01/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-22466
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers (CBL-Mariner)
netavark (CBL-Mariner)
rpm-ostree (CBL-Mariner)
Unknown Unknown Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
3.2.0.azl0-2
1.10.3-1
2024.4-1
None
Azure Linux 3.0 x64 kata-containers (CBL-Mariner)
netavark (CBL-Mariner)
rpm-ostree (CBL-Mariner)
Unknown Unknown Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
3.2.0.azl0-2
1.10.3-1
2024.4-1
None
CBL Mariner 2.0 ARM kata-containers (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
3.2.0.azl0-1
1.72.0-2
None
CBL Mariner 2.0 x64 kata-containers (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,4
Temporal: 5,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
3.2.0.azl0-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-22466 None

CVE-2023-23916 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-23916
MITRE
NVD

Issuing CNA: cve-assignments@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    24/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-23916
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.88.1-1 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.88.1-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.88.1-1
8.0.33-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
7.88.1-1
8.0.33-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-23916 None

CVE-2023-23915 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-23915
MITRE
NVD

Issuing CNA: cve-assignments@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    24/02/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-23915
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
3.28.2-1
2.16.1-1
None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.88.1-1 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.88.1-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.88.1-1
8.0.33-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
7.88.1-1
8.0.33-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-23915 None

CVE-2023-25153 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25153
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    20/02/2023    

Information published.


1.0    21/02/2023    

Information published.


3.0    25/02/2023    

Added moby-containerd to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25153
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.10.25-3 Unknown None
Azure Linux 3.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.10.25-3 Unknown None
CBL Mariner 1.0 ARM moby-containerd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.6.6+azure-9 Unknown None
CBL Mariner 1.0 x64 moby-containerd (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.6.6+azure-9 Unknown None
CBL Mariner 2.0 ARM moby-containerd (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.6.18-2
20.10.14-7
None
CBL Mariner 2.0 x64 moby-containerd (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.6.18-2
20.10.14-7
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25153 None

CVE-2023-25012 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25012
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,6/TemporalScore:4,6
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/02/2023    

Information published.


2.0    09/05/2023    

Added hyperv-daemons to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25012
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.6.14.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.6.14.1-1 Unknown None
CBL Mariner 1.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.10.177.1-1 Unknown None
CBL Mariner 1.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.10.177.1-1 Unknown None
CBL Mariner 2.0 ARM hyperv-daemons (CBL-Mariner)
kernel (CBL-Mariner)
Unknown Unknown Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.15.118.1-1
5.15.107.1-2
None
CBL Mariner 2.0 x64 hyperv-daemons (CBL-Mariner)
kernel (CBL-Mariner)
Unknown Unknown Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.15.118.1-1
5.15.107.1-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25012 None

CVE-2023-25659 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25659
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25659
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25659 None

CVE-2023-25658 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25658
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25658
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25658 None

CVE-2023-25662 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25662
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25662
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25662 None

CVE-2023-25663 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25663
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25663
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25663 None

CVE-2023-25664 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25664
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25664
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25664 None

CVE-2023-25665 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25665
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25665
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25665 None

CVE-2023-25666 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25666
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25666
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25666 None

CVE-2023-25669 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25669
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25669
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25669 None

CVE-2023-25670 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25670
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25670
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25670 None

CVE-2023-25668 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25668
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25668
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25668 None

CVE-2023-25672 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25672
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25672
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25672 None

CVE-2023-25671 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25671
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25671
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25671 None

CVE-2023-25674 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25674
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25674
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25674 None

CVE-2023-25675 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25675
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25675
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25675 None

CVE-2023-25676 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25676
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25676
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25676 None

CVE-2023-26159 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-26159
MITRE
NVD

Issuing CNA: report@snyk.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,1/TemporalScore:6,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-26159
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2.16.2-1 Unknown None
Azure Linux 3.0 x64 python-tensorboard (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2.16.2-1 Unknown None
CBL Mariner 2.0 ARM reaper (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1.1-8 Unknown None
CBL Mariner 2.0 x64 reaper (CBL-Mariner) Unknown Unknown None Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3.1.1-8 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-26159 None

CVE-2023-25801 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-25801
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-25801
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-25801 None

CVE-2023-26964 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-26964
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/05/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-26964
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers (CBL-Mariner)
rpm-ostree (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.2.0.azl0-2
2024.4-1
None
Azure Linux 3.0 x64 kata-containers (CBL-Mariner)
rpm-ostree (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.2.0.azl0-2
2024.4-1
None
CBL Mariner 2.0 ARM kata-containers (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.2.0.azl0-1 Unknown None
CBL Mariner 2.0 x64 kata-containers (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.2.0.azl0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-26964 None

CVE-2023-2650 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2650
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/06/2023    

Information published.


2.0    06/06/2023    

Added rust to CBL-Mariner 2.0


3.0    11/10/2023    

Added edk2 to CBL-Mariner 2.0


4.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2650
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37 Unknown None
CBL Mariner 1.0 ARM openssl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.1.1k-16 Unknown None
CBL Mariner 1.0 x64 openssl (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.1.1k-16 Unknown None
CBL Mariner 2.0 ARM edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37
1.0.1-3
1.1.1k-24
1.72.0-2
None
CBL Mariner 2.0 x64 edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
openssl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20230301gitf80f052277c8-37
1.0.1-3
1.1.1k-24
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2650 None

CVE-2023-27478 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27478
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27478
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libmemcached-awesome (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.1.4-1 Unknown None
Azure Linux 3.0 x64 libmemcached-awesome (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.1.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27478 None

CVE-2023-2700 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2700
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2700
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.10.0-5 Unknown None
Azure Linux 3.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.10.0-5 Unknown None
CBL Mariner 2.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.10.0-5 Unknown None
CBL Mariner 2.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
7.10.0-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2700 None

CVE-2023-27536 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27536
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2023    

Information published.


1.0    03/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27536
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.0.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.0.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27536 None

CVE-2023-27535 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27535
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2023    

Information published.


1.0    03/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27535
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.0.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
8.0.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27535 None

CVE-2023-27537 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27537
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27537
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.0.33-1
1.72.0-2
None
CBL Mariner 2.0 x64 mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.0.33-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27537 None

CVE-2023-27538 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-27538
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/04/2023    

Information published.


1.0    03/04/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-27538
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
8.0.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
8.0.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-27538 None

CVE-2023-28320 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28320
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/05/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28320
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
3.28.2-1
2.16.1-1
None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.2.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.2.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28320 None

CVE-2023-28319 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28319
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/05/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28319
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.16.1-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
8.2.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
8.2.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28319 None

CVE-2023-2816 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2816
MITRE
NVD

Issuing CNA: security@hashicorp.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2816
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1.29.4-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1.29.4-1 Unknown None
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1.28.5-1 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1.28.5-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2816 None

CVE-2023-28321 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28321
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/05/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28321
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
2.16.1-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
8.2.1-1
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
8.2.1-1
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28321 None

CVE-2023-28322 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28322
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,7/TemporalScore:3,7
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/05/2023    

Information published.


2.0    28/05/2023    

Added curl to CBL-Mariner 1.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28322
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.21.4-10
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.21.4-10
2.16.1-1
None
CBL Mariner 1.0 ARM curl (CBL-Mariner) Unknown Unknown None Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
7.88.1-2 Unknown None
CBL Mariner 1.0 x64 curl (CBL-Mariner) Unknown Unknown None Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
7.88.1-2 Unknown None
CBL Mariner 2.0 ARM cmake (CBL-Mariner)
curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.21.4-6
8.0.1-2
8.0.34-1
1.72.0-2
None
CBL Mariner 2.0 x64 cmake (CBL-Mariner)
curl (CBL-Mariner)
mysql (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
3.21.4-6
8.0.1-2
8.0.34-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28322 None

CVE-2023-28938 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-28938
MITRE
NVD

Issuing CNA: secure@intel.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,4/TemporalScore:4,4
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-28938
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM mdadm (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.2-1 Unknown None
Azure Linux 3.0 x64 mdadm (CBL-Mariner) Unknown Unknown None Base: 4,4
Temporal: 4,4
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-28938 None

CVE-2023-29941 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-29941
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-29941
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-29941 None

CVE-2023-2977 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-2977
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/06/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-2977
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.25.1-3 Unknown None
Azure Linux 3.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.25.1-3 Unknown None
CBL Mariner 1.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.22.0-2 Unknown None
CBL Mariner 1.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.22.0-2 Unknown None
CBL Mariner 2.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.22.0-3 Unknown None
CBL Mariner 2.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
0.22.0-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-2977 None

CVE-2023-31147 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-31147
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/05/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-31147
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.62.0-2 Unknown None
CBL Mariner 1.0 ARM c-ares (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.19.1-1 Unknown None
CBL Mariner 1.0 x64 c-ares (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.19.1-1 Unknown None
CBL Mariner 2.0 ARM c-ares (CBL-Mariner)
fluent-bit (CBL-Mariner)
nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.19.1-1
2.1.10-1
16.20.1-2
18.17.1-2
None
CBL Mariner 2.0 x64 c-ares (CBL-Mariner)
fluent-bit (CBL-Mariner)
nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1.19.1-1
2.1.10-1
16.20.1-2
18.17.1-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-31147 None

CVE-2023-31130 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-31130
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,4/TemporalScore:6,4
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/05/2023    

Information published.


2.0    31/05/2023    

Added nodejs to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-31130
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1.62.0-2 Unknown None
CBL Mariner 1.0 ARM c-ares (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1.19.1-1 Unknown None
CBL Mariner 1.0 x64 c-ares (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1.19.1-1 Unknown None
CBL Mariner 2.0 ARM c-ares (CBL-Mariner)
fluent-bit (CBL-Mariner)
nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1.19.1-1
2.1.10-1
16.20.1-2
18.17.1-2
None
CBL Mariner 2.0 x64 c-ares (CBL-Mariner)
fluent-bit (CBL-Mariner)
nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1.19.1-1
2.1.10-1
16.20.1-2
18.17.1-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-31130 None

CVE-2023-32001 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-32001
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-32001
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.16.1-1 Unknown None
CBL Mariner 2.0 ARM curl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
8.2.1-1
1.72.0-2
None
CBL Mariner 2.0 x64 curl (CBL-Mariner)
rust (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
8.2.1-1
1.72.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-32001 None

CVE-2023-32067 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-32067
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/05/2023    

Information published.


2.0    31/05/2023    

Added nodejs to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-32067
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None
CBL Mariner 1.0 ARM c-ares (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.19.1-1 Unknown None
CBL Mariner 1.0 x64 c-ares (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.19.1-1 Unknown None
CBL Mariner 2.0 ARM c-ares (CBL-Mariner)
fluent-bit (CBL-Mariner)
nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.19.1-1
2.1.10-1
16.20.1-2
18.17.1-2
None
CBL Mariner 2.0 x64 c-ares (CBL-Mariner)
fluent-bit (CBL-Mariner)
nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.19.1-1
2.1.10-1
16.20.1-2
18.17.1-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-32067 None

CVE-2023-3341 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3341
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3341
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
Azure Linux 3.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3341 None

CVE-2023-32731 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-32731
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-32731
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.62.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-32731 None

CVE-2023-32732 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-32732
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-32732
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.62.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-32732 None

CVE-2023-34411 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-34411
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/06/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-34411
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2024.4-1 Unknown None
Azure Linux 3.0 x64 rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2024.4-1 Unknown None
CBL Mariner 1.0 ARM mozjs60 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
60.9.0-13 Unknown None
CBL Mariner 1.0 x64 mozjs60 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
60.9.0-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-34411 None

CVE-2023-33953 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-33953
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-33953
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-33953 None

CVE-2023-3750 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3750
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3750
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libvirt (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
10.0.0-1 Unknown None
Azure Linux 3.0 x64 libvirt (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
10.0.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3750 None

CVE-2023-36328 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-36328
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/09/2023    

Information published.


2.0    06/09/2023    

Added libtommath to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-36328
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtommath (CBL-Mariner)
tcl (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.0-5
8.6.13-3
None
Azure Linux 3.0 x64 libtommath (CBL-Mariner)
tcl (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.0-5
8.6.13-3
None
CBL Mariner 2.0 ARM libtommath (CBL-Mariner)
tcl (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.0-5
8.6.13-2
None
CBL Mariner 2.0 x64 libtommath (CBL-Mariner)
tcl (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.1.0-5
8.6.13-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-36328 None

CVE-2023-37460 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-37460
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    31/07/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-37460
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-4 Unknown None
Azure Linux 3.0 x64 javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-4 Unknown None
CBL Mariner 2.0 ARM javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-4 Unknown None
CBL Mariner 2.0 x64 javapackages-bootstrap (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.5.0-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-37460 None

CVE-2023-38325 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38325
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38325
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
42.0.5-1 Unknown None
Azure Linux 3.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
42.0.5-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38325 None

CVE-2023-3817 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3817
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/08/2023    

Information published.


2.0    11/10/2023    

Added edk2 to CBL-Mariner 2.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3817
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20230301gitf80f052277c8-37
3.2.0.azl0-3
None
Azure Linux 3.0 x64 edk2 (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20230301gitf80f052277c8-37
3.2.0.azl0-3
None
CBL Mariner 2.0 ARM edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20230301gitf80f052277c8-37
1.0.1-3
0.6.3-3
1.1.1k-26
None
CBL Mariner 2.0 x64 edk2 (CBL-Mariner)
hvloader (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20230301gitf80f052277c8-37
1.0.1-3
0.6.3-3
1.1.1k-26
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3817 None

CVE-2023-38710 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38710
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    26/08/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38710
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-6 Unknown None
Azure Linux 3.0 x64 libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-6 Unknown None
CBL Mariner 2.0 ARM libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-5 Unknown None
CBL Mariner 2.0 x64 libreswan (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4.7-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38710 None

CVE-2023-38546 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-38546
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,7/TemporalScore:3,7
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/10/2023    

Information published.


1.0    18/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-38546
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
3.21.4-10
2.16.1-1
None
Azure Linux 3.0 x64 cmake (CBL-Mariner)
tensorflow (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
3.21.4-10
2.16.1-1
None
CBL Mariner 2.0 ARM cmake (CBL-Mariner)
curl (CBL-Mariner)
mysql (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
3.21.4-10
8.3.0-2
8.0.35-1
None
CBL Mariner 2.0 x64 cmake (CBL-Mariner)
curl (CBL-Mariner)
mysql (CBL-Mariner)
Unknown Unknown Base: 3,7
Temporal: 3,7
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
3.21.4-10
8.3.0-2
8.0.35-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-38546 None

CVE-2023-3978 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-3978
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,1/TemporalScore:6,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/08/2023    

Information published.


2.0    18/01/2024    

Added packer to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-3978
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubevirt (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.2.0-1
1.29.4-1
None
Azure Linux 3.0 x64 kubevirt (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.2.0-1
1.29.4-1
None
CBL Mariner 2.0 ARM packer (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.10.1-1
1.27.4-1
None
CBL Mariner 2.0 x64 packer (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 6,1
Temporal: 6,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1.10.1-1
1.27.4-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-3978 None

CVE-2023-39325 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-39325
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/10/2023    

Information published.


2.0    24/10/2023    

Added moby-compose to CBL-Mariner 2.0 Added moby-containerd-cc to CBL-Mariner 2.0 Added vitess to CBL-Mariner 2.0


2.0    28/10/2023    

Added coredns to CBL-Mariner 2.0


4.0    18/01/2024    

Added packer to CBL-Mariner 2.0


5.0    02/02/2024    

Added kata-containers-cc to CBL-Mariner 2.0


6.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


5.0    20/04/2024    

Added git-lfs to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-39325
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM etcd (CBL-Mariner)
moby-containerd-cc (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1
1.7.7-3
1.29.4-1
None
Azure Linux 3.0 x64 etcd (CBL-Mariner)
moby-containerd-cc (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.5.12-1
1.7.7-3
1.29.4-1
None
CBL Mariner 2.0 ARM blobfuse2 (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
git-lfs (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.1.1-1
1.11.1-2
1.29.0-2
3.5.1-1
None
CBL Mariner 2.0 x64 blobfuse2 (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
git-lfs (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.1.1-1
1.11.1-2
1.29.0-2
3.5.1-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-39325 None

CVE-2023-40660 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-40660
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,6/TemporalScore:6,6
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-40660
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 6,6
Temporal: 6,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.25.1-3 Unknown None
Azure Linux 3.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 6,6
Temporal: 6,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.25.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-40660 None

CVE-2023-40661 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-40661
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,4/TemporalScore:6,4
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-40661
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.25.1-3 Unknown None
Azure Linux 3.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
0.25.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-40661 None

CVE-2023-41361 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-41361
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-41361
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1-2 Unknown None
Azure Linux 3.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-41361 None

CVE-2023-42282 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-42282
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-42282
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20.14.0-1 Unknown None
CBL Mariner 2.0 ARM nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
16.20.2-3
18.18.2-4
None
CBL Mariner 2.0 x64 nodejs (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
16.20.2-3
18.18.2-4
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-42282 None

CVE-2023-41913 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-41913
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-41913
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM strongswan (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.9.12-1 Unknown None
Azure Linux 3.0 x64 strongswan (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.9.12-1 Unknown None
CBL Mariner 2.0 ARM strongswan (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.9.10-3 Unknown None
CBL Mariner 2.0 x64 strongswan (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.9.10-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-41913 None

CVE-2023-4408 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4408
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4408
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
Azure Linux 3.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
CBL Mariner 2.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None
CBL Mariner 2.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4408 None

CVE-2023-45142 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45142
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/10/2023    

Information published.


1.0    21/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45142
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
kubernetes (CBL-Mariner)
prometheus (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.14.0-1
1.29.1-2
2.45.4-1
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
kubernetes (CBL-Mariner)
prometheus (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.14.0-1
1.29.1-2
2.45.4-1
None
CBL Mariner 2.0 ARM cri-tools (CBL-Mariner)
opa (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.29.0-2
0.63.0-1
None
CBL Mariner 2.0 x64 cri-tools (CBL-Mariner)
opa (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.29.0-2
0.63.0-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45142 None

CVE-2023-45231 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45231
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45231
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45231 None

CVE-2023-45232 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45232
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45232
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45232 None

CVE-2023-45230 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45230
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45230
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45230 None

CVE-2023-45234 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45234
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,8/TemporalScore:8,8
Base score metrics
Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45234
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 8,8
Temporal: 8,8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45234 None

CVE-2023-45233 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45233
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45233
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45233 None

CVE-2023-45237 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45237
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45237
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45237 None

CVE-2023-45236 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45236
MITRE
NVD

Issuing CNA: infosec@edk2.groups.io

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45236
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
Azure Linux 3.0 x64 edk2 (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
20240223gitedc6681206c1-1 Unknown None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.0.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45236 None

CVE-2023-4535 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4535
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,8/TemporalScore:3,8
Base score metrics
Attack VectorPhysical
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4535
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 3,8
Temporal: 3,8
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
0.25.1-3 Unknown None
Azure Linux 3.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 3,8
Temporal: 3,8
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
0.25.1-3 Unknown None
CBL Mariner 2.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 3,8
Temporal: 3,8
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
0.23.0-2 Unknown None
CBL Mariner 2.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 3,8
Temporal: 3,8
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
0.23.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4535 None

CVE-2023-45288 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-45288
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/04/2024    

Information published.


1.0    20/04/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-45288
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
kubernetes (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
0.14.0-1
2.27.0-1
0.29.0-1
1.30.1-1
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
kubernetes (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
0.14.0-1
2.27.0-1
0.29.0-1
1.30.1-1
None
CBL Mariner 2.0 ARM blobfuse2 (CBL-Mariner)
cert-manager (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
2.1.2-3
1.11.2-9
1.11.1-8
1.29.0-2
None
CBL Mariner 2.0 x64 blobfuse2 (CBL-Mariner)
cert-manager (CBL-Mariner)
coredns (CBL-Mariner)
cri-tools (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
2.1.2-3
1.11.2-9
1.11.1-8
1.29.0-2
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-45288 None

CVE-2023-46129 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46129
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46129
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.29.4-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.29.4-1 Unknown None
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.27.4-1 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1.27.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46129 None

CVE-2023-46136 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46136
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46136
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.0.1-1 Unknown None
Azure Linux 3.0 x64 python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.0.1-1 Unknown None
CBL Mariner 2.0 ARM python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.3.7-1 Unknown None
CBL Mariner 2.0 x64 python-werkzeug (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.3.7-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46136 None

CVE-2023-46753 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46753
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46753
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
Azure Linux 3.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
CBL Mariner 2.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-3 Unknown None
CBL Mariner 2.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46753 None

CVE-2023-46752 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46752
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46752
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
Azure Linux 3.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
CBL Mariner 2.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-3 Unknown None
CBL Mariner 2.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46752 None

CVE-2023-4692 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4692
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4692
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-18 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-18 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-13 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.06-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4692 None

CVE-2023-46853 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-46853
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    01/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-46853
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM memcached (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.6.27-1 Unknown None
Azure Linux 3.0 x64 memcached (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.6.27-1 Unknown None
CBL Mariner 2.0 ARM memcached (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.6.22-1 Unknown None
CBL Mariner 2.0 x64 memcached (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.6.22-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-46853 None

CVE-2023-4693 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4693
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:4,6/TemporalScore:4,6
Base score metrics
Attack VectorPhysical
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/10/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4693
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.06-18 Unknown None
Azure Linux 3.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.06-18 Unknown None
CBL Mariner 2.0 ARM grub2 (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.06-13 Unknown None
CBL Mariner 2.0 x64 grub2 (CBL-Mariner) Unknown Unknown None Base: 4,6
Temporal: 4,6
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.06-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4693 None

CVE-2023-47090 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-47090
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-47090
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.29.4-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.29.4-1 Unknown None
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.28.5-1 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1.28.5-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-47090 None

CVE-2023-47235 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-47235
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-47235
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
Azure Linux 3.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
CBL Mariner 2.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-4 Unknown None
CBL Mariner 2.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-47235 None

CVE-2023-4785 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4785
MITRE
NVD

Issuing CNA: cve-coordination@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4785
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None
Azure Linux 3.0 x64 grpc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1.62.0-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4785 None

CVE-2023-47234 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-47234
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-47234
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
Azure Linux 3.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.1-2 Unknown None
CBL Mariner 2.0 ARM frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-4 Unknown None
CBL Mariner 2.0 x64 frr (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.5.3-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-47234 None

CVE-2023-4807 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-4807
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/10/2023    

Information published.


1.0    21/01/2024    

Information published.


3.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


4.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-4807
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers-cc (CBL-Mariner)
kata-containers (CBL-Mariner)
Unknown Unknown Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.2.0.azl1-1 None
Azure Linux 3.0 x64 kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.2.0.azl1-1 None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3
3.2.0.azl1-1
18.20.2-1
None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1.0.1-3
3.2.0.azl1-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-4807 None

CVE-2023-48795 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-48795
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/12/2023    

Information published.


2.0    27/12/2023    

Added moby-cli to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-48795
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
kubernetes (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.14.0-1
1.30.1-1
1.29.4-1
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
kubernetes (CBL-Mariner)
telegraf (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.14.0-1
1.30.1-1
1.29.4-1
None
CBL Mariner 2.0 ARM cert-manager (CBL-Mariner)
erlang (CBL-Mariner)
kubernetes (CBL-Mariner)
libssh (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1.11.2-7
25.2-2
1.28.4-4
0.10.6-1
None
CBL Mariner 2.0 x64 cert-manager (CBL-Mariner)
erlang (CBL-Mariner)
kubernetes (CBL-Mariner)
libssh (CBL-Mariner)
Unknown Unknown Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1.11.2-7
25.2-2
1.28.4-4
0.10.6-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-48795 None

CVE-2023-49990 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-49990
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-49990
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM espeak-ng (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1.51.1-1 Unknown None
Azure Linux 3.0 x64 espeak-ng (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1.51.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-49990 None

CVE-2023-50658 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-50658
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-50658
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.29.4-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.29.4-1 Unknown None
CBL Mariner 2.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.29.4-1 Unknown None
CBL Mariner 2.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.29.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-50658 None

CVE-2023-51257 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-51257
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-51257
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM jasper (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.2.1-1 Unknown None
Azure Linux 3.0 x64 jasper (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.2.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-51257 None

CVE-2023-50782 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-50782
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-50782
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
42.0.5-1 Unknown None
Azure Linux 3.0 x64 python-cryptography (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
42.0.5-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-50782 None

CVE-2023-5115 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5115
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,3/TemporalScore:6,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5115
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ansible (CBL-Mariner) Unknown Unknown None Base: 6,3
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
2.17.0-1 Unknown None
Azure Linux 3.0 x64 ansible (CBL-Mariner) Unknown Unknown None Base: 6,3
Temporal: 6,3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
2.17.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5115 None

CVE-2023-51714 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-51714
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    21/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-51714
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM qtbase (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6.2-1 Unknown None
Azure Linux 3.0 x64 qtbase (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6.2-1 Unknown None
CBL Mariner 2.0 ARM qt5-qtbase (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.12.11-10 Unknown None
CBL Mariner 2.0 x64 qt5-qtbase (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.12.11-10 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-51714 None

CVE-2023-51385 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-51385
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-51385
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
9.7p1-1 Unknown None
Azure Linux 3.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
9.7p1-1 Unknown None
CBL Mariner 2.0 ARM openssh (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
8.9p1-3 Unknown None
CBL Mariner 2.0 x64 openssh (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
8.9p1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-51385 None

CVE-2023-52071 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-52071
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-52071
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM tensorflow (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.16.1-1 Unknown None
Azure Linux 3.0 x64 tensorflow (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.16.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-52071 None

CVE-2023-51779 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-51779
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-51779
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-51779 None

CVE-2023-51764 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-51764
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    06/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-51764
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM postfix (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.9.0-1 Unknown None
Azure Linux 3.0 x64 postfix (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.9.0-1 Unknown None
CBL Mariner 2.0 ARM postfix (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.7.0-3 Unknown None
CBL Mariner 2.0 x64 postfix (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
3.7.0-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-51764 None

CVE-2023-52425 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-52425
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-52425
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM expat (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.2-1 Unknown None
Azure Linux 3.0 x64 expat (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.2-1 Unknown None
CBL Mariner 2.0 ARM expat (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.2-2 Unknown None
CBL Mariner 2.0 x64 expat (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-52425 None

CVE-2023-52426 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-52426
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    09/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-52426
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM expat (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.6.2-1 Unknown None
Azure Linux 3.0 x64 expat (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.6.2-1 Unknown None
CBL Mariner 2.0 ARM expat (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.6.2-2 Unknown None
CBL Mariner 2.0 x64 expat (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2.6.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-52426 None

CVE-2023-52429 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-52429
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-52429
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner)
kernel (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner)
kernel (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.153.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.153.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-52429 None

CVE-2023-5408 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5408
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,2/TemporalScore:7,2
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/11/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5408
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 7,2
Temporal: 7,2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.29.1-2 Unknown None
Azure Linux 3.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 7,2
Temporal: 7,2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.29.1-2 Unknown None
CBL Mariner 2.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 7,2
Temporal: 7,2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.28.4-5 Unknown None
CBL Mariner 2.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 7,2
Temporal: 7,2
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1.28.4-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5408 None

CVE-2023-5679 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5679
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5679
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
Azure Linux 3.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
CBL Mariner 2.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None
CBL Mariner 2.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5679 None

CVE-2023-5678 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5678
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    13/11/2023    

Information published.


2.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5678
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers-cc (CBL-Mariner)
edk2 (CBL-Mariner)
kata-containers (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
3.2.0.azl1-1
20240223gitedc6681206c1-1
20.14.0-1
None
Azure Linux 3.0 x64 edk2 (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20240223gitedc6681206c1-1
3.2.0.azl1-1
20.14.0-1
None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.0.1-3
3.2.0.azl1-1
18.20.2-1
None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1.0.1-3
3.2.0.azl1-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5678 None

CVE-2023-5992 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5992
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,9/TemporalScore:5,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5992
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.25.1-3 Unknown None
Azure Linux 3.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 5,9
Temporal: 5,9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
0.25.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5992 None

CVE-2023-5764 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5764
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    21/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5764
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ansible (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.17.0-1 Unknown None
Azure Linux 3.0 x64 ansible (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.17.0-1 Unknown None
CBL Mariner 2.0 ARM ansible (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.14.12-1 Unknown None
CBL Mariner 2.0 x64 ansible (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2.14.12-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5764 None

CVE-2023-6237 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6237
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    25/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6237
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM nodejs18 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
18.20.2-1 Unknown None
CBL Mariner 2.0 x64 nodejs18 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
18.20.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6237 None

CVE-2023-6516 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6516
MITRE
NVD

Issuing CNA: security-officer@isc.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6516
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
Azure Linux 3.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.19.21-1 Unknown None
CBL Mariner 2.0 ARM bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None
CBL Mariner 2.0 x64 bind (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.16.48-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6516 None

CVE-2023-6932 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6932
MITRE
NVD

Issuing CNA: security@google.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/12/2023    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6932
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.143.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7
Temporal: 7
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.143.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6932 None

CVE-2023-6915 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-6915
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-6915
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.148.2-2 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.148.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-6915 None

CVE-2024-0607 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0607
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,6/TemporalScore:6,6
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0607
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 6,6
Temporal: 6,6
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 6,6
Temporal: 6,6
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
6.6.29.1-4 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 6,6
Temporal: 6,6
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
5.15.148.1-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 6,6
Temporal: 6,6
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
5.15.148.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0607 None

CVE-2024-0690 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0690
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    07/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0690
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM ansible (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.17.0-1 Unknown None
Azure Linux 3.0 x64 ansible (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.17.0-1 Unknown None
CBL Mariner 2.0 ARM ansible (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.14.12-2 Unknown None
CBL Mariner 2.0 x64 ansible (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2.14.12-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0690 None

CVE-2024-0985 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0985
MITRE
NVD

Issuing CNA: Microsoft

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8/TemporalScore:8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0985
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM postgresql (CBL-Mariner) Unknown Unknown None Base: 8
Temporal: 8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
16.3-1 Unknown None
Azure Linux 3.0 x64 postgresql (CBL-Mariner) Unknown Unknown None Base: 8
Temporal: 8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
16.3-1 Unknown None
CBL Mariner 2.0 ARM postgresql (CBL-Mariner) Unknown Unknown None Base: 8
Temporal: 8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
14.11-1 Unknown None
CBL Mariner 2.0 x64 postgresql (CBL-Mariner) Unknown Unknown None Base: 8
Temporal: 8
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
14.11-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0985 None

CVE-2024-0727 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-0727
MITRE
NVD

Issuing CNA: openssl-security@openssl.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    29/01/2024    

Information published.


2.0    07/03/2024    

Added kata-containers to CBL-Mariner 2.0


3.0    06/04/2024    

Added hvloader to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-0727
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kata-containers-cc (CBL-Mariner)
kata-containers (CBL-Mariner)
nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl1-1
20.14.0-1
3.3.0-1
None
Azure Linux 3.0 x64 kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs (CBL-Mariner)
openssl (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
3.2.0.azl1-1
20.14.0-1
3.3.0-1
None
CBL Mariner 2.0 ARM hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.0.1-3
3.2.0.azl1-1
18.20.2-1
None
CBL Mariner 2.0 x64 hvloader (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
nodejs18 (CBL-Mariner)
Unknown Unknown Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1.0.1-3
3.2.0.azl1-1
18.20.2-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-0727 None

CVE-2024-1151 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1151
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1151
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.22.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1151 None

CVE-2024-1454 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-1454
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,4/TemporalScore:3,4
Base score metrics
Attack VectorPhysical
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-1454
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM opensc (CBL-Mariner) Unknown Unknown None Base: 3,4
Temporal: 3,4
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
0.25.1-3 Unknown None
Azure Linux 3.0 x64 opensc (CBL-Mariner) Unknown Unknown None Base: 3,4
Temporal: 3,4
Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
0.25.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-1454 None

CVE-2024-21891 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21891
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,9/TemporalScore:7,9
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21891
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 7,9
Temporal: 7,9
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 7,9
Temporal: 7,9
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
20.14.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21891 None

CVE-2024-21890 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21890
MITRE
NVD

Issuing CNA: support@hackerone.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5/TemporalScore:5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21890
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 5
Temporal: 5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
20.14.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21890 None

CVE-2024-21646 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-21646
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/01/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-21646
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.03.04-1 Unknown None
Azure Linux 3.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2024.03.04-1 Unknown None
CBL Mariner 2.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022.01.21-2 Unknown None
CBL Mariner 2.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022.01.21-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-21646 None

CVE-2024-2313 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2313
MITRE
NVD

Issuing CNA: security@ubuntu.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:2,8/TemporalScore:2,8
Base score metrics
Attack VectorLocal
Attack ComplexityHigh
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2313
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM bpftrace (CBL-Mariner) Unknown Unknown None Base: 2,8
Temporal: 2,8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L
0.20.3-1 Unknown None
Azure Linux 3.0 x64 bpftrace (CBL-Mariner) Unknown Unknown None Base: 2,8
Temporal: 2,8
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L
0.20.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2313 None

CVE-2024-23650 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-23650
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-23650
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.14.0-1
2.27.0-1
25.0.3-1
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.14.0-1
2.27.0-1
25.0.3-1
None
CBL Mariner 2.0 ARM moby-compose (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2.17.3-5 Unknown None
CBL Mariner 2.0 x64 moby-compose (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2.17.3-5 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-23650 None

CVE-2024-23651 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-23651
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,4/TemporalScore:7,4
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-23651
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
25.0.3-1 Unknown None
Azure Linux 3.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
25.0.3-1 Unknown None
CBL Mariner 2.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
20.10.27-4 Unknown None
CBL Mariner 2.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,4
Temporal: 7,4
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
20.10.27-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-23651 None

CVE-2024-23652 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-23652
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-23652
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
25.0.3-1 Unknown None
Azure Linux 3.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
25.0.3-1 Unknown None
CBL Mariner 2.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
20.10.27-4 Unknown None
CBL Mariner 2.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
20.10.27-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-23652 None

CVE-2024-23653 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-23653
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    05/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-23653
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.14.0-1
2.27.0-1
25.0.3-1
None
Azure Linux 3.0 x64 docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
moby-engine (CBL-Mariner)
Unknown Unknown Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.14.0-1
2.27.0-1
25.0.3-1
None
CBL Mariner 2.0 ARM moby-cli (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
24.0.9-1 Unknown None
CBL Mariner 2.0 x64 moby-cli (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
24.0.9-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-23653 None

CVE-2024-24259 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24259
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24259
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM freeglut (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.4.0-1 Unknown None
Azure Linux 3.0 x64 freeglut (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.4.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24259 None

CVE-2024-24557 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24557
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    12/02/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24557
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
25.0.3-1 Unknown None
Azure Linux 3.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
25.0.3-1 Unknown None
CBL Mariner 2.0 ARM moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
24.0.9-1 Unknown None
CBL Mariner 2.0 x64 moby-engine (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
24.0.9-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24557 None

CVE-2024-24758 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24758
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:3,9/TemporalScore:3,9
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionRequired
ScopeUnchanged
ConfidentialityLow
IntegrityLow
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24758
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 3,9
Temporal: 3,9
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
20.14.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24758 None

CVE-2024-24786 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-24786
MITRE
NVD

Issuing CNA: security@golang.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    08/03/2024    

Information published.


2.0    01/04/2024    

Added node-problem-detector to CBL-Mariner 2.0


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-24786
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM azcopy (CBL-Mariner)
docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
0.14.0-1
2.27.0-1
0.29.0-1
None
Azure Linux 3.0 x64 azcopy (CBL-Mariner)
docker-buildx (CBL-Mariner)
docker-compose (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
0.14.0-1
2.27.0-1
0.29.0-1
None
CBL Mariner 2.0 ARM azcopy (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
kubevirt (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
3.2.0.azl2-1
0.59.0-18
None
CBL Mariner 2.0 x64 azcopy (CBL-Mariner)
kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
kubevirt (CBL-Mariner)
Unknown Unknown Base: N/A
Temporal: N/A
Vector: N/A
10.24.0-1
3.2.0.azl2-1
0.59.0-18
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-24786 None

CVE-2024-25620 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-25620
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,4/TemporalScore:6,4
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeChanged
ConfidentialityLow
IntegrityLow
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-25620
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM helm (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
3.13.2-3 Unknown None
Azure Linux 3.0 x64 helm (CBL-Mariner) Unknown Unknown None Base: 6,4
Temporal: 6,4
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
3.13.2-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-25620 None

CVE-2024-26455 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26455
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    04/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26455
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM fluent-bit (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0.3-1 Unknown None
Azure Linux 3.0 x64 fluent-bit (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0.3-1 Unknown None
CBL Mariner 2.0 ARM fluent-bit (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.2.3-1 Unknown None
CBL Mariner 2.0 x64 fluent-bit (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.2.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26455 None

CVE-2024-26582 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26582
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26582
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26582 None

CVE-2024-26581 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26581
MITRE
NVD

Issuing CNA: cve@kernel.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    04/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26581
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.22.1-2 Unknown None
CBL Mariner 2.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.153.1-1 Unknown None
CBL Mariner 2.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
5.15.153.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26581 None

CVE-2024-26881 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26881
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26881
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26881 None

CVE-2024-26883 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26883
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26883
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26883 None

CVE-2024-26882 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26882
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26882
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26882 None

CVE-2024-26898 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26898
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,8/TemporalScore:7,8
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26898
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 7,8
Temporal: 7,8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26898 None

CVE-2024-26901 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26901
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26901
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26901 None

CVE-2024-26903 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26903
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26903
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26903 None

CVE-2024-26902 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26902
MITRE
NVD

Issuing CNA: cve@kernel.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    30/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26902
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None
CBL Mariner 2.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.2-1 Unknown None
CBL Mariner 2.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.15.158.2-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26902 None

CVE-2024-26909 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26909
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,5/TemporalScore:5,5
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26909
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: 5,5
Temporal: 5,5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6.29.1-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26909 None

CVE-2024-26908 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-26908
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-26908
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-4 Unknown None
Azure Linux 3.0 x64 kernel (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-26908 None

CVE-2024-27037 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27037
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27037
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27037 None

CVE-2024-27038 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27038
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27038
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27038 None

CVE-2024-27061 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27061
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27061
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27061 None

CVE-2024-27058 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27058
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27058
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27058 None

CVE-2024-27078 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27078
MITRE
NVD

Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27078
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None
Azure Linux 3.0 x64 hyperv-daemons (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
6.6.29.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27078 None

CVE-2024-27308 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27308
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    11/03/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27308
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2024.4-1 Unknown None
Azure Linux 3.0 x64 rpm-ostree (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
2024.4-1 Unknown None
CBL Mariner 2.0 ARM kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3.2.0.azl2-1 None
CBL Mariner 2.0 x64 kata-containers (CBL-Mariner)
kata-containers-cc (CBL-Mariner)
Unknown Unknown Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
3.2.0.azl2-1 None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27308 None

CVE-2024-2757 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-2757
MITRE
NVD

Issuing CNA: security@php.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-2757
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM php (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.3.6-1 Unknown None
Azure Linux 3.0 x64 php (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.3.6-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-2757 None

CVE-2024-28182 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28182
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:5,3/TemporalScore:5,3
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28182
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 5,3
Temporal: 5,3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
20.14.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28182 None

CVE-2024-28757 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28757
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28757
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM expat (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.6.2-1 Unknown None
Azure Linux 3.0 x64 expat (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.6.2-1 Unknown None
CBL Mariner 2.0 ARM expat (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.6.2-2 Unknown None
CBL Mariner 2.0 x64 expat (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
2.6.2-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28757 None

CVE-2024-28863 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-28863
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6,5/TemporalScore:6,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionRequired
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-28863
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None
Azure Linux 3.0 x64 nodejs (CBL-Mariner) Unknown Unknown None Base: 6,5
Temporal: 6,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
20.14.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-28863 None

CVE-2024-29159 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29159
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29159
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29159 None

CVE-2024-29160 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29160
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29160
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29160 None

CVE-2024-29161 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29161
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29161
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29161 None

CVE-2024-29162 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29162
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29162
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29162 None

CVE-2024-29165 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29165
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29165
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29165 None

CVE-2024-29166 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29166
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29166
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29166 None

CVE-2024-29195 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-29195
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:6/TemporalScore:6
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredHigh
User InteractionRequired
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-29195
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 6
Temporal: 6
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
2024.03.04-1 Unknown None
Azure Linux 3.0 x64 azure-iot-sdk-c (CBL-Mariner) Unknown Unknown None Base: 6
Temporal: 6
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L
2024.03.04-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-29195 None

CVE-2024-30202 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30202
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30202
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
Azure Linux 3.0 x64 emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
CBL Mariner 2.0 ARM emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
CBL Mariner 2.0 x64 emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30202 None

CVE-2024-31744 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-31744
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-31744
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM jasper (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
4.2.1-2 Unknown None
Azure Linux 3.0 x64 jasper (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
4.2.1-2 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-31744 None

CVE-2024-30205 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-30205
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-30205
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
Azure Linux 3.0 x64 emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
CBL Mariner 2.0 ARM emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None
CBL Mariner 2.0 x64 emacs (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
29.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-30205 None

CVE-2024-31852 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-31852
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-31852
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM llvm (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
18.1.2-3 Unknown None
Azure Linux 3.0 x64 llvm (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
18.1.2-3 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-31852 None

CVE-2024-3177 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3177
MITRE
NVD

Issuing CNA: jordan@liggitt.net

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:2,7/TemporalScore:2,7
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeUnchanged
ConfidentialityLow
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3177
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM kubernetes (CBL-Mariner) Unknown Unknown None Base: 2,7
Temporal: 2,7
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1.30.1-1 Unknown None
Azure Linux 3.0 x64 kubernetes (CBL-Mariner) Unknown Unknown None Base: 2,7
Temporal: 2,7
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
1.30.1-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3177 None

CVE-2024-32487 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32487
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    22/04/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32487
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM less (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
643-2 Unknown None
Azure Linux 3.0 x64 less (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
643-2 Unknown None
CBL Mariner 2.0 ARM less (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
590-4 Unknown None
CBL Mariner 2.0 x64 less (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
590-4 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32487 None

CVE-2024-32607 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32607
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32607
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32607 None

CVE-2024-32609 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32609
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32609
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32609 None

CVE-2024-32610 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32610
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32610
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32610 None

CVE-2024-32611 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32611
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32611
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32611 None

CVE-2024-32614 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32614
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32614
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32614 None

CVE-2024-32615 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32615
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32615
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32615 None

CVE-2024-32618 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32618
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32618
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32618 None

CVE-2024-32616 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32616
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32616
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32616 None

CVE-2024-32622 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32622
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32622
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32622 None

CVE-2024-32621 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32621
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32621
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32621 None

CVE-2024-32623 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-32623
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-32623
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-32623 None

CVE-2024-33873 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33873
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33873
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33873 None

CVE-2024-33876 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33876
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33876
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33876 None

CVE-2024-3727 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-3727
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:8,3/TemporalScore:8,3
Base score metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionRequired
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-3727
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM containerized-data-importer (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: 8,3
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1.57.0-2
0.29.0-1
None
Azure Linux 3.0 x64 containerized-data-importer (CBL-Mariner)
ig (CBL-Mariner)
Unknown Unknown Base: 8,3
Temporal: 8,3
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1.57.0-2
0.29.0-1
None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-3727 None

CVE-2024-33877 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-33877
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    14/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-33877
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
Azure Linux 3.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4.3-1 Unknown None
CBL Mariner 2.0 ARM hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None
CBL Mariner 2.0 x64 hdf5 (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
1.14.4-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-33877 None

CVE-2024-4323 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-4323
MITRE
NVD

Issuing CNA: vulnreport@tenable.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    23/05/2024    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-4323
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM fluent-bit (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0.6-1 Unknown None
Azure Linux 3.0 x64 fluent-bit (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.0.6-1 Unknown None
CBL Mariner 2.0 ARM fluent-bit (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.2.3-1 Unknown None
CBL Mariner 2.0 x64 fluent-bit (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.2.3-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-4323 None

CVE-2019-19977 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-19977
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/01/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-19977
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libesmtp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.6-21 Unknown None
Azure Linux 3.0 x64 libesmtp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.6-21 Unknown None
CBL Mariner 2.0 ARM libesmtp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.6-21 Unknown None
CBL Mariner 2.0 x64 libesmtp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.0.6-21 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-19977 None

CVE-2019-3816 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-3816
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/04/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-3816
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None
Azure Linux 3.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Unknown Unknown None
CBL Mariner 2.0 ARM openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6.8-13 Unknown None
CBL Mariner 2.0 x64 openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2.6.8-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-3816 None

CVE-2019-17362 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-17362
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,1/TemporalScore:9,1
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/01/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-17362
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM libtomcrypt (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.18.2-9 Unknown None
Azure Linux 3.0 x64 libtomcrypt (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.18.2-9 Unknown None
CBL Mariner 2.0 ARM libtomcrypt (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.18.2-9 Unknown None
CBL Mariner 2.0 x64 libtomcrypt (CBL-Mariner) Unknown Unknown None Base: 9,1
Temporal: 9,1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1.18.2-9 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-17362 None

CVE-2008-3908 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2008-3908
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2008-3908
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-43 Unknown None
Azure Linux 3.0 x64 wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-43 Unknown None
CBL Mariner 2.0 ARM wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-38 Unknown None
CBL Mariner 2.0 x64 wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-38 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2008-3908 None

CVE-2004-2771 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2004-2771
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2004-2771
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM mailx (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
12.5-36 Unknown None
Azure Linux 3.0 x64 mailx (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
12.5-36 Unknown None
CBL Mariner 2.0 ARM mailx (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
12.5-34 Unknown None
CBL Mariner 2.0 x64 mailx (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
12.5-34 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2004-2771 None

CVE-2016-7567 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2016-7567
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    19/01/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2016-7567
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None
Azure Linux 3.0 x64 openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None
CBL Mariner 2.0 ARM openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None
CBL Mariner 2.0 x64 openslp (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2.0.0-26 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2016-7567 None

CVE-2022-2990 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2022-2990
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,1/TemporalScore:7,1
Base score metrics
Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityNone
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    17/09/2022    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2022-2990
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM buildah (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1.18.0-24 Unknown None
Azure Linux 3.0 x64 buildah (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1.18.0-24 Unknown None
CBL Mariner 2.0 ARM buildah (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1.18.0-17 Unknown None
CBL Mariner 2.0 x64 buildah (CBL-Mariner) Unknown Unknown None Base: 7,1
Temporal: 7,1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1.18.0-17 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2022-2990 None

CVE-2019-3833 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2019-3833
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    02/04/2024    

Information published.


1.0    02/07/2024    

Information published.


1.0    03/07/2024    

Information published.


1.0    04/07/2024    

Information published.


1.0    05/07/2024    

Information published.


1.0    06/07/2024    

Information published.


1.0    07/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2019-3833
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
Azure Linux 3.0 x64 Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Unknown Unknown None
CBL Mariner 2.0 ARM openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.8-13 Unknown None
CBL Mariner 2.0 x64 openwsman (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.6.8-13 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2019-3833 None

CVE-2017-16844 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2017-16844
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2017-16844
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM procmail (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.22-53 Unknown None
Azure Linux 3.0 x64 procmail (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.22-53 Unknown None
CBL Mariner 2.0 ARM procmail (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.22-53 Unknown None
CBL Mariner 2.0 x64 procmail (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.22-53 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2017-16844 None

CVE-2008-2149 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2008-2149
MITRE
NVD

Issuing CNA: cve@mitre.org

CVE Title: Unknown
Weakness: N/A
CVSS:
None
Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    16/12/2021    

Information published.


1.0    02/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2008-2149
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-43 Unknown None
Azure Linux 3.0 x64 wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-43 Unknown None
CBL Mariner 2.0 ARM wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-38 Unknown None
CBL Mariner 2.0 x64 wordnet (CBL-Mariner) Unknown Unknown None Base: N/A
Temporal: N/A
Vector: N/A
3.0-38 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2008-2149 None

CVE-2023-5156 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2023-5156
MITRE
NVD

Issuing CNA: secalert@redhat.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:7,5/TemporalScore:7,5
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    27/09/2023    

Information published.


1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2023-5156
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.38-6 Unknown None
Azure Linux 3.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.38-6 Unknown None
CBL Mariner 2.0 ARM glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.35-6 Unknown None
CBL Mariner 2.0 x64 glibc (CBL-Mariner) Unknown Unknown None Base: 7,5
Temporal: 7,5
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2.35-6 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2023-5156 None

CVE-2024-27304 - Unknown

(top)
CVE ID Vulnerability Description Maximum Severity Rating Vulnerability Impact
CVE-2024-27304
MITRE
NVD

Issuing CNA: security-advisories@github.com

CVE Title: Unknown
Weakness: N/A
CVSS:

CVSS:3.1 Highest BaseScore:9,8/TemporalScore:9,8
Base score metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
Temporal score metrics

Executive Summary:
None
FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    03/07/2024    

Information published.


Unknown Unknown

Exploitability Index

The following table provides an exploitability assessment for this vulnerability at the time of original publication.

Exploitability Assessment Publicly Disclosed Exploited
Not Found Not Found Not Found

Affected Software

The following tables list the affected software details for the vulnerability.

CVE-2024-27304
Product KB Article Severity Impact Supercedence CVSS Score Set Fixed Build Restart Required Known Issue
Azure Linux 3.0 ARM telegraf (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.31.0-1 Unknown None
Azure Linux 3.0 x64 telegraf (CBL-Mariner) Unknown Unknown None Base: 9,8
Temporal: 9,8
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1.31.0-1 Unknown None

Acknowledgements

CVE ID Acknowledgements
CVE-2024-27304 None